From c5648d5c9f1e5c8a08690618f8ab0b76e4d8bacd Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 09:58:45 +0100 Subject: [PATCH 001/373] chore(argo-cd): Consolidate cluster-wide RBAC (#1597) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 ++++--- charts/argo-cd/README.md | 6 ++--- charts/argo-cd/templates/NOTES.txt | 12 +++++++++ .../clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 11 ++++---- .../argocd-repo-server/clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 9 ++++--- .../templates/argocd-server/clusterrole.yaml | 3 ++- .../argocd-server/clusterrolebinding.yaml | 11 ++++---- charts/argo-cd/values.yaml | 21 +++------------ 10 files changed, 70 insertions(+), 66 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a3f338f0c..912ffeff7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.14 +version: 5.16.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Docs]: Added sample how to provide K8s credentials plugin" - - "[Docs]: Added sample how to provide Argo config management plugin" - - "[Docs]: Removed samples that injects tools into incorrect controllers" + - "[Added]: Option createClusterRoles to enable cluster roles from one place" + - "[Deprecated]: Option controller.clusterAdminAccess.enabled" + - "[Deprecated]: Option server.clusterAdminAccess.enabled" + - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f71184f36..ec1213f84 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,7 +362,8 @@ NAME: my-release | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources | +| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | @@ -451,7 +452,6 @@ NAME: my-release |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | -| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | @@ -529,7 +529,6 @@ NAME: my-release | repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | | repoServer.certificateSecret.key | string | `""` | Certificate private key | | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | -| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | @@ -631,7 +630,6 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 98bbb96a3..30138ee4e 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,6 +52,18 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} +{{- if hasKey .Values "createAggregateRoles" }} +DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles +{{- end }} +{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 0aa82961b..5ebe00b3f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: {{- if .Values.controller.clusterRoleRules.enabled }} - {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 86d7c8839..39ee80a67 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml index 4ea41da32..21dff1a92 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: {{- if .Values.repoServer.clusterRoleRules.enabled }} - {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index 9757912e1..c3e21edbc 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServerServiceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 2caa4dd04..0f26d4707 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -1,4 +1,5 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 9f5a960db..72e4d4504 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.serverServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 010d7cbe0..d799dcb90 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -19,9 +19,12 @@ apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 -# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds +# -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: false +# -- Create cluster roles for cluster-wide installation. +## Used when you manage applications in the same cluster where Argo CD runs +createClusterRoles: true openshift: # -- enables using arbitrary uid for argo repo server @@ -718,11 +721,6 @@ controller: # additionalLabels: {} # annotations: {} - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off clusterRoleRules: @@ -1732,12 +1730,6 @@ server: # -- Termination policy of Openshift Route termination_policy: None - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - GKEbackendConfig: # -- Enable BackendConfig custom resource for Google Kubernetes Engine enabled: false @@ -2031,11 +2023,6 @@ repoServer: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to Argo CD repo server. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: false ## Enable Custom Rules for the Repo server's Cluster Role resource ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 31242020c44e75815945aed42a8244a7c13d9dd7 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 13:31:57 +0100 Subject: [PATCH 002/373] feat(argo-cd): Allow templated values for init and extra containers (#1749) --- charts/argo-cd/Chart.yaml | 9 ++-- charts/argo-cd/README.md | 3 ++ .../statefulset.yaml | 10 ++-- .../argocd-applicationset/deployment.yaml | 6 ++- .../argocd-notifications/deployment.yaml | 51 +++++++++++-------- .../argocd-repo-server/deployment.yaml | 48 ++++++++--------- .../templates/argocd-server/deployment.yaml | 14 ++--- charts/argo-cd/templates/dex/deployment.yaml | 44 ++++++++-------- .../argo-cd/templates/redis/deployment.yaml | 10 ++-- charts/argo-cd/values.yaml | 26 +++++++++- 10 files changed, 128 insertions(+), 93 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 912ffeff7..45ff44466 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.15 +version: 5.17.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option createClusterRoles to enable cluster roles from one place" - - "[Deprecated]: Option controller.clusterAdminAccess.enabled" - - "[Deprecated]: Option server.clusterAdminAccess.enabled" - - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" + - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" + - "[Added]: Support for use of Helm templates for extraContainers and initContainers" + - "[Docs]: Added notes about custom Helm template support" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec1213f84..dabacfe76 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -970,6 +970,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1063,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | +| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | @@ -1071,6 +1073,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 66486b535..208545e08 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -257,7 +257,11 @@ spec: - mountPath: /home/argocd name: argocd-home {{- with .Values.controller.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.controller.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: @@ -304,10 +308,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ce4cd8214..0c3862de3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -125,8 +125,12 @@ spec: - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 2be14fdd0..7ee9f8f47 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -81,12 +81,39 @@ spec: {{- with .Values.notifications.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.notifications.extraContainers }} + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.initContainers }} + initContainers: + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} volumes: - - configMap: + {{- with .Values.notifications.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: tls-certs + configMap: name: argocd-tls-certs-cm - name: tls-certs - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -94,24 +121,4 @@ spec: path: tls.key - key: ca.crt path: ca.crt - optional: true - secretName: argocd-repo-server-tls - {{- with .Values.notifications.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d8cbb97dd..04117ba36 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -264,7 +264,30 @@ spec: securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} {{- with .Values.repoServer.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - command: + - cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + name: copyutil + {{- with .Values.repoServer.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.repoServer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + {{- with .Values.repoServer.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: @@ -328,29 +351,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - initContainers: - - command: - - cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - name: copyutil - {{- with .Values.repoServer.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.repoServer.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - {{- with .Values.repoServer.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7793b11ac..c38d9348f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -319,9 +319,6 @@ spec: lifecycle: {{- toYaml . | nindent 10 }} {{- end }} - {{- with .Values.server.extraContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- if .Values.server.extensions.enabled }} - name: argocd-extensions image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} @@ -336,6 +333,13 @@ spec: - name: tmp mountPath: /tmp {{- end }} + {{- with .Values.server.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.server.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -406,10 +410,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5900070f1..bd0362b3c 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -43,27 +43,6 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - initContainers: - - name: copyutil - image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp - - -n - - /usr/local/bin/argocd - - /shared/argocd-dex - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - resources: - {{- toYaml .Values.dex.resources | nindent 10 }} - securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} - {{- with .Values.dex.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -136,7 +115,28 @@ spec: - name: argocd-dex-server-tls mountPath: /tls {{- with .Values.dex.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - name: copyutil + image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} + command: + - cp + - -n + - /usr/local/bin/argocd + - /shared/argocd-dex + volumeMounts: + - mountPath: /shared + name: static-files + - mountPath: /tmp + name: dexconfig + resources: + {{- toYaml .Values.dex.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- with .Values.dex.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.dex.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 38ba73bea..6c6a4dbe5 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,10 +41,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} - {{- with .Values.redis.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} @@ -96,7 +92,11 @@ spec: {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.redis.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.redis.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d799dcb90..9fad462e5 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -439,6 +439,7 @@ configs: # } # -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 # kind: SecretProviderClass @@ -538,12 +539,14 @@ controller: # name: secret-name # -- Additional containers to be added to the application controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the application controller pod ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin ## you could use this (and the same in the server pod) to provide such executable ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + ## Note: Supports use of custom Helm templates initContainers: [] # - name: download-tools # image: alpine:3 @@ -827,9 +830,11 @@ dex: # name: secret-name # -- Additional containers to be added to the dex pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the dex pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the dex main container @@ -1012,9 +1017,11 @@ redis: # name: secret-name # -- Additional containers to be added to the redis pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the redis pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the redis container @@ -1353,7 +1360,7 @@ server: # memory: 64Mi # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: my-sidecar # image: nginx:latest @@ -1846,11 +1853,13 @@ repoServer: # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: cmp # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server # command: [/var/run/argocd/argocd-cmp-server] - # image: busybox # This can be off-the-shelf or custom-built image + # # This can be off-the-shelf or custom-built image + # image: busybox # securityContext: # runAsNonRoot: true # runAsUser: 999 @@ -2134,8 +2143,13 @@ applicationSet: # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] + # -- Init containers to add to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] @@ -2382,6 +2396,14 @@ notifications: # - secretRef: # name: secret-name + # -- Additional containers to be added to the notifications controller pod + ## Note: Supports use of custom Helm templates + extraContainers: [] + + # -- Init containers to add to the notifications controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] From 136d8c4fca96cfad3736ba44ea4df17195c343da Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 11 Jan 2023 15:33:30 +0900 Subject: [PATCH 003/373] chore(argo-cd): Update Argo CD to v2.5.6 (#1757) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45ff44466..7e45a5871 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.5 +appVersion: v2.5.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.0 +version: 5.17.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" - - "[Added]: Support for use of Helm templates for extraContainers and initContainers" - - "[Docs]: Added notes about custom Helm template support" + - "[Changed]: Update Argo CD to v2.5.6" From 5c6ad38b15fccd082da657bc577d23a803808d09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 07:39:58 +0100 Subject: [PATCH 004/373] chore(deps): bump helm/chart-releaser-action from 1.4.1 to 1.5.0 (#1752) Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.4.1 to 1.5.0. - [Release notes](https://github.com/helm/chart-releaser-action/releases) - [Commits](https://github.com/helm/chart-releaser-action/compare/v1.4.1...v1.5.0) --- updated-dependencies: - dependency-name: helm/chart-releaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ac6f01373..cb56596bc 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.1 + uses: helm/chart-releaser-action@v1.5.0 with: config: "./.github/configs/cr.yaml" env: From 2777121707ccb8a9cdc45e84b496fea2568db483 Mon Sep 17 00:00:00 2001 From: Kiyoshi Muranaka Date: Wed, 18 Jan 2023 11:38:50 +0900 Subject: [PATCH 005/373] feat(argo-rollouts): Add support for topologySpreadConstraints (#1755) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/README.md.gotmpl | 1 + .../templates/controller/deployment.yaml | 12 ++++++++++++ .../templates/dashboard/deployment.yaml | 12 ++++++++++++ charts/argo-rollouts/values.yaml | 18 ++++++++++++++++++ 6 files changed, 48 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6688d9b0b..913a190a9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.1 +version: 2.21.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.3.1" + - "[Added]: Add support for topologySpreadConstraints" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index e471d2841..43f68a05e 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -88,6 +88,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -145,6 +146,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | +| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | ## Upgrading @@ -174,6 +176,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 445c84dbd..1a587350f 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -96,6 +96,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d06c0c920..d6adf9cfa 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -83,6 +83,18 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + app.kubernetes.io/component: {{ $.Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index a84d4bbff..ebf9ce8b2 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -65,6 +65,18 @@ spec: affinity: {{- toYaml .Values.dashboard.affinity | nindent 8 }} {{- end }} + {{- with .Values.dashboard.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + app.kubernetes.io/component: {{ $.Values.dashboard.component }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f74ed7a15..43d322c24 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -47,6 +47,15 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the controller priorityClassName: "" # -- The number of controller pods to run @@ -194,6 +203,15 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the dashboard server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the dashboard server priorityClassName: "" From 0d57f6ec17d24ae0786ceb85615991bf1d6a24b7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 18 Jan 2023 15:44:21 +0900 Subject: [PATCH 006/373] chore(argo-cd): Update Argo CD to v2.5.7 (#1769) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e45a5871..0f294c96c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.6 +appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.1 +version: 5.17.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.6" + - "[Changed]: Update Argo CD to v2.5.7" From f3888bc99609cb82e1bda47a30dfc8c88c3cefb6 Mon Sep 17 00:00:00 2001 From: Victor Login Date: Wed, 18 Jan 2023 19:00:59 +0600 Subject: [PATCH 007/373] chore(argo-cd): Update Argo CD extensions to v0.2.1 (#1770) Signed-off-by: Victor Login Signed-off-by: Victor Login --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f294c96c..bc3ac6d1e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.2 +version: 5.17.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.7" + - "[Changed]: Update Argo CD extensions to v0.2.1" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dabacfe76..d1ad8c146 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | -| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | +| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9fad462e5..cd0bee81f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1333,7 +1333,7 @@ server: # -- Repository to use for extensions image repository: "ghcr.io/argoproj-labs/argocd-extensions" # -- Tag to use for extensions image - tag: "v0.1.0" + tag: "v0.2.1" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 206d4922bfdf0b757ea9885204cc3f4cfc56a7e1 Mon Sep 17 00:00:00 2001 From: Pedro Date: Thu, 19 Jan 2023 04:37:18 -0600 Subject: [PATCH 008/373] fix(argo-rollouts): avoid label exceeding maximum length (#1694) * fix(argo-rollouts): generated value for app.kubernetes.io/version label for argo-rollouts will not exceed maximum length and support passing a SHA digest. Signed-off-by: Pedro Salgado * fix: Add missing double quote in changelog Signed-off-by: Marco Kilchhofer Signed-off-by: Pedro Salgado Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 5 +++-- charts/argo-rollouts/templates/_helpers.tpl | 16 +++++++++++++++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 913a190a9..a15ecf9b5 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.2 +version: 2.21.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for topologySpreadConstraints" + - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" + - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest" diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 94733603d..46ebaea51 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -31,6 +31,20 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create kubernetes friendly chart version label. + +Examples: +image.tag = v1.3.1 +output = v1.3.1 + +image.tag = v1.3.1@sha256:38828e693b02e6f858d89fa22a9d9811d3d7a2430a1d4c7d687b6f509775c6ce +output = v1.3.1 +*/}} +{{- define "argo-rollouts.chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default .Chart.AppVersion $.Values.controller.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + {{/* Common labels */}} @@ -38,7 +52,7 @@ Common labels helm.sh/chart: {{ include "argo-rollouts.chart" . }} {{ include "argo-rollouts.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }} +app.kubernetes.io/version: {{ include "argo-rollouts.chart_version_label" . }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argo-rollouts From 132449caccd9cbb65499c7b1ac625fbc5dc76809 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 19 Jan 2023 15:14:02 -0600 Subject: [PATCH 009/373] chore(argo-rollouts): Upgrade argo-rollouts to 1.4.0 (#1774) Fixes #1763 Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 7 +- .../templates/controller/clusterrole.yaml | 22 ++++- .../templates/controller/role.yaml | 99 +++++++++++++++++-- .../templates/crds/analysis-run-crd.yaml | 3 + .../templates/crds/analysis-template-crd.yaml | 3 + .../crds/cluster-analysis-template-crd.yaml | 3 + .../templates/crds/rollout-crd.yaml | 39 ++++++++ .../templates/dashboard/clusterrole.yaml | 7 +- 8 files changed, 166 insertions(+), 17 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a15ecf9b5..89ff80efd 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.3.1 +appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.3 +version: 2.22.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest" + - "[Changed]: Upgrade ArgoRollouts to v1.4.0" diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index b8fdf475a..eaaadd240 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -89,7 +89,7 @@ rules: - create - get - update -# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets +# secret read access to run analysis templates which reference secrets - apiGroups: - "" resources: @@ -99,9 +99,6 @@ rules: - get - list - watch - - create - - patch - - update # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -110,6 +107,7 @@ rules: verbs: - list - update + - watch # pods eviction needed for restart - apiGroups: - "" @@ -223,4 +221,20 @@ rules: - list - update - patch +- apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - watch + - get + - update +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 81ce85420..8c7aa9d47 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -56,7 +56,19 @@ rules: - update - patch - delete +# deployments and podtemplates read access needed for workload reference support +- apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch # services patch needed to update selector of canary/stable/active/preview services +# services create needed to create and delete services for experiments - apiGroups: - "" resources: @@ -66,8 +78,18 @@ rules: - list - watch - patch -# secret access to run analysis templates which reference secrets -# configmap access to read notification-engine configuration + - create + - delete +# leases create/get/update needed for leader election +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update +# secret read access to run analysis templates which reference secrets - apiGroups: - "" resources: @@ -77,9 +99,6 @@ rules: - get - list - watch - - create - - patch - - update # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -88,6 +107,7 @@ rules: verbs: - list - update + - watch # pods eviction needed for restart - apiGroups: - "" @@ -129,15 +149,17 @@ rules: - update - patch - delete -# virtualservice access needed for using the Istio provider +# virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io resources: - virtualservices + - destinationrules verbs: - watch - get - update + - patch - list # trafficsplit access needed for using the SMI provider - apiGroups: @@ -150,4 +172,69 @@ rules: - get - update - patch +# ambassador access needed for Ambassador provider +- apiGroups: + - getambassador.io + - x.getambassador.io + resources: + - mappings + - ambassadormappings + verbs: + - create + - watch + - get + - update + - list + - delete +# Endpoints and TargetGroupBindings needed for ALB target group verification +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +- apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - list + - get +# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualservices + verbs: + - watch + - get + - list +# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualnodes + - virtualrouters + verbs: + - watch + - get + - list + - update + - patch +- apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - watch + - get + - update +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 0d95f6f53..70187985c 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -2742,6 +2742,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 862af976d..c28461860 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -2738,6 +2738,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 60604611c..a00f68fe0 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -2738,6 +2738,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index ec58d318a..3f6ea7496 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -89,6 +89,12 @@ spec: revisionHistoryLimit: format: int32 type: integer + rollbackWindow: + properties: + revisions: + format: int32 + type: integer + type: object selector: properties: matchExpressions: @@ -397,6 +403,9 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + minPodsPerReplicaSet: + format: int32 + type: integer pingPong: properties: pingService: @@ -713,6 +722,20 @@ spec: required: - mappings type: object + apisix: + properties: + route: + properties: + name: + type: string + rules: + items: + type: string + type: array + required: + - name + type: object + type: object appMesh: properties: virtualNodeGroup: @@ -770,6 +793,14 @@ spec: items: type: string type: array + tcpRoutes: + items: + properties: + port: + format: int64 + type: integer + type: object + type: array tlsRoutes: items: properties: @@ -794,6 +825,14 @@ spec: items: type: string type: array + tcpRoutes: + items: + properties: + port: + format: int64 + type: integer + type: object + type: array tlsRoutes: items: properties: diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 6a84102d3..5f05d6e6e 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -44,17 +44,18 @@ rules: - get - list - watch - # deployments and podtemplates read access needed for workload reference support - apiGroups: - - "" - apps resources: - deployments - - podtemplates verbs: - get - list - watch + {{- if not .Values.dashboard.readonly }} + - update + - patch + {{- end }} - apiGroups: - apps resources: From 45c1534eeb03ee2a6cf89d2a2f10de2a00d206f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?carlos=20gonz=C3=A1lez?= Date: Thu, 19 Jan 2023 23:14:49 +0100 Subject: [PATCH 010/373] feat(argo-cd): Add labels for argocd-secret (#1779) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-cd): add secret labels field (#1778) Signed-off-by: carlos gonzález Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bc3ac6d1e..0b495196b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.4 +version: 5.18.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD extensions to v0.2.1" + - "[Added]: Extra secret labels with .Values.configs.secret.labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d1ad8c146..278f1680d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -442,6 +442,7 @@ NAME: my-release | configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events | | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | +| configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tlsCerts | object | See [values.yaml] | TLS certificate | | configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index f289480d1..84a51197c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -5,6 +5,9 @@ metadata: name: argocd-secret labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} + {{- with .Values.configs.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.configs.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cd0bee81f..98b62c1ea 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -392,6 +392,8 @@ configs: secret: # -- Create the argocd-secret createSecret: true + # -- Labels to be added to argocd-secret + labels: {} # -- Annotations to be added to argocd-secret annotations: {} From 9905dcca8eae8f2499c18c31475ad117b12611ad Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 20 Jan 2023 08:33:55 -0600 Subject: [PATCH 011/373] fix(argo-cd): Update CONTRIBUTING docs (#1782) * Update CONTRIBUTING - [x] versioning details - [x] remove broken links - [x] fix markdown linting errors - [x] README.md updating clarification * Rename variable in helm-docs script * Update argo-cd README * Add blurb about mandatory Chart versioning * Reword artifacthub changes section in CONTRIBUTING * Reorder/restructure CONTRIBUTING.md * Update argo-cd chart version * Add section in CONTRIBUTING about semantic title linting Signed-off-by: jmeridth Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- CONTRIBUTING.md | 125 +++++++++++++++++++------------- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 5 +- charts/argo-cd/README.md.gotmpl | 5 +- scripts/helm-docs.sh | 6 +- 5 files changed, 85 insertions(+), 60 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 49c0577bc..f8753d60b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,38 +2,87 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. - -# Pull Requests +## Pull Requests All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project. +### Pull Request Title Linting + +We lint the title of your pull request to ensure it follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification. This is done using GitHub actions and the [action-semantic-pull-request](.github/workflows/pr-title.yml) workflow. We require the scope of the change to be included in the title. The scope should be the name of the chart you are changing. For example, if you are changing the `argo-cd` chart, the title of your pull request should be `fix(argo-cd): Fix typo in values.yaml`. + +## Documentation + +The documentation for each chart is generated with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. + +We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): + +```shell +./scripts/helm-docs.sh +``` + +> **Note** +> When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. + +### Updating a chart README.md + +When updating the `README.md.gotmpl` inside a chart directory you must to run the `helm-docs` script to generate the updated `README.md` file. To reiterate, you should not edit the `README.md` file manually. It will be generated by the following command: + +```shell +./scripts/helm-docs.sh +``` + +> **Note** +> If you see changes to unrelated chart `README.md` files you may have accidentally updated a `README.md.gotmpl` file in another chart's folder unintentionally or someone else failed to run this script. Please revert those changes if you do not intend them to be a part of your pull request. + ## Versioning -Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease). +Each chart's version follows the [semver standard](https://semver.org/). + +New charts should start at version `1.0.0`, if it's considered stable. If it isn't considered stable, it must be released as `prerelease`. Any breaking changes to a chart (backwards incompatible) require: - * Bump of the current Major version of the chart - * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades)) +* Bump of the current Major version of the chart +* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` + +### New Application Versions + +When selecting new application versions ensure you make the following changes: + +* `values.yaml`: Bump all instances of the container image version +* `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` + +Please ensure chart version changes adhere to semantic versioning standards: + +* Major: Large chart rewrites, major non-backwards compatible or destructive changes +* Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes +* Patch: App version patch updates, backwards compatible optional chart features ### Immutability Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error. +### Chart Versioning + +Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future. ### Artifact Hub Annotations Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub. - * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) +* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) #### Changelog We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release. -Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: +Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). -``` +A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release. + +Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: + +```yaml name: argo-cd version: 3.4.1 ... @@ -45,67 +94,54 @@ annotations: - "[Deprecated]: Something deprecated" - "[Removed]: Something was removed" - "[Fixed]: Something was fixed" - - "[Security]": Some Security Patch was included" + - "[Security]: Some Security Patch was included" ``` -## Documentation - -The documentation for each chart is done with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. +## Testing -We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): - -``` -bash scripts/helm-docs.sh -``` - -**NOTE**: When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. - - - -# Testing - -## Testing Argo Workflows Changes +### Testing Argo Workflows Changes Minimally: -``` +```shell helm install charts/argo-workflows -n argo argo version ``` Follow this instructions for running a hello world workflow. -## Testing Argo CD Changes +### Testing Argo CD Changes Clean-up: -``` +```shell helm delete argo-cd --purge kubectl delete crd -l app.kubernetes.io/part-of=argocd ``` Pre-requisites: -``` + +```shell helm repo add redis-ha https://dandydeveloper.github.io/charts/ helm dependency update ``` Minimally: -``` +```shell helm install argocd argo/argo-cd -n argocd --create-namespace kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 ``` In a new terminal: -``` +```shell argocd version --server localhost:8080 --insecure # reset password to 'Password1!' kubectl -n argocd patch secret argocd-secret \ -p '{"stringData": { - "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", - "admin.passwordMtime": "'$(date +%FT%T%Z)'" + "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", + "admin.passwordMtime": "'$(date +%FT%T%Z)'" }}' argocd login localhost:8080 --username admin --password 'Password1!' @@ -114,38 +150,25 @@ argocd login localhost:8080 --username admin --password 'Password1!' Create and sync app: -``` +```shell argocd app create guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --path guestbook --project default --repo https://github.com/argoproj/argocd-example-apps.git argocd app sync guestbook ``` -## New Application Versions - -When raising application versions ensure you make the following changes: - -- `values.yaml`: Bump all instances of the container image version -- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` - -Please ensure chart version changes adhere to semantic versioning standards: - -- Patch: App version patch updates, backwards compatible optional chart features -- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes -- Major: Large chart rewrites, major non-backwards compatible or destructive changes - -## Testing Charts +### Testing Charts As part of the Continuous Integration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool. -The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. +The checks for Chart Testing are stricter than the standard Helm requirements. For example, fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml) The linting can be invoked manually with the following command: -``` +```shell ./scripts/lint.sh ``` ## Publishing Changes -Changes are automatically publish whenever a commit is merged to main. The CI job (see `./.github/workflows/publish.yml`). +Changes are automatically publish whenever a commit is merged to the `main` branch by the CI job (see `./.github/workflows/publish.yml`). diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0b495196b..df9f69edb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.18.0 +version: 5.18.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Extra secret labels with .Values.configs.secret.labels" + - "[Fixed]: README information about 5.12.0 TLS changes" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 278f1680d..ec342a3d5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -111,8 +111,9 @@ This version reduces history limit for Argo CD deployment replicas to 3 to provi ### 5.12.0 -This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server. -If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret. +If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead. +For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`. +For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys. ### 5.10.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index a844449af..b41f82c0f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -110,8 +110,9 @@ This version reduces history limit for Argo CD deployment replicas to 3 to provi ### 5.12.0 -This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server. -If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret. +If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead. +For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`. +For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys. ### 5.10.0 diff --git a/scripts/helm-docs.sh b/scripts/helm-docs.sh index e8ade437c..5669f91c7 100755 --- a/scripts/helm-docs.sh +++ b/scripts/helm-docs.sh @@ -1,11 +1,11 @@ #!/bin/bash ## Reference: https://github.com/norwoodj/helm-docs set -eux -CHART_DIR="$(cd "$(dirname "$0")/.." && pwd)" -echo "$CHART_DIR" +REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)" +echo "$REPO_ROOT" echo "Running Helm-Docs" docker run \ - -v "$CHART_DIR:/helm-docs" \ + -v "$REPO_ROOT:/helm-docs" \ -u $(id -u) \ jnorwood/helm-docs:v1.9.1 From 4dd31571b3ce2d90bd3598ca020e70cd887c6d23 Mon Sep 17 00:00:00 2001 From: Richard Johansson Date: Fri, 20 Jan 2023 17:41:52 +0100 Subject: [PATCH 012/373] feat(argo-rollouts): Added flags to toggle provider-specific RBAC (#1777) * Toggle for provider-specific RBAC + Added missing RBAC rules Signed-off-by: Richard Johansson * Updated docs with new Helm values Signed-off-by: Richard Johansson * Added a general flag providerRBAC.enabled to toggle all of the providers Signed-off-by: Richard Johansson * Aligned with main Signed-off-by: Richard Johansson * Corrected inline comments Signed-off-by: Richard Johansson * Fixed incorrect inline comments Signed-off-by: Richard Johansson Signed-off-by: Richard Johansson --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 8 ++++++++ .../templates/controller/clusterrole.yaml | 20 ++++++++++++++++++- .../templates/controller/role.yaml | 20 ++++++++++++++++++- charts/argo-rollouts/values.yaml | 20 +++++++++++++++++++ 5 files changed, 68 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 89ff80efd..a9968a4f4 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.0 +version: 2.22.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.4.0" + - "[Added]: Flags to toggle provider-specific RBAC rules in Role and ClusterRole" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 43f68a05e..73581f4ee 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -55,6 +55,14 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | | notifications.templates | object | `{}` | Notification templates | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +| providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole | +| providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider | +| providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider | +| providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | +| providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | +| providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | +| providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | +| providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | ### Controller diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index eaaadd240..964daed3d 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -149,6 +149,8 @@ rules: - update - patch - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} # virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io @@ -161,6 +163,8 @@ rules: - update - patch - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} # trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io @@ -172,6 +176,8 @@ rules: - get - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} # ambassador access needed for Ambassador provider - apiGroups: - getambassador.io @@ -186,7 +192,9 @@ rules: - update - list - delete -# Endpoints and TargetGroupBindings needed for ALB target group verification +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller - apiGroups: - "" resources: @@ -200,6 +208,8 @@ rules: verbs: - list - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} # AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider - apiGroups: - appmesh.k8s.aws @@ -221,6 +231,9 @@ rules: - list - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us resources: @@ -229,6 +242,9 @@ rules: - watch - get - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider - apiGroups: - apisix.apache.org resources: @@ -238,3 +254,5 @@ rules: - get - update {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 8c7aa9d47..72ebdbc94 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -149,6 +149,8 @@ rules: - update - patch - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} # virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io @@ -161,6 +163,8 @@ rules: - update - patch - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} # trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io @@ -172,6 +176,8 @@ rules: - get - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} # ambassador access needed for Ambassador provider - apiGroups: - getambassador.io @@ -186,7 +192,9 @@ rules: - update - list - delete -# Endpoints and TargetGroupBindings needed for ALB target group verification +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller - apiGroups: - "" resources: @@ -200,6 +208,8 @@ rules: verbs: - list - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} # AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider - apiGroups: - appmesh.k8s.aws @@ -221,6 +231,9 @@ rules: - list - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us resources: @@ -229,6 +242,9 @@ rules: - watch - get - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider - apiGroups: - apisix.apache.org resources: @@ -238,3 +254,5 @@ rules: - get - update {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 43d322c24..eb077221d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -190,6 +190,26 @@ podLabels: {} imagePullSecrets: [] # - name: argo-pull-secret +providerRBAC: + # -- Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole + enabled: true + # providerRBAC.enabled must be true in order to toggle the individual providers + providers: + # -- Adds RBAC rules for the Istio provider + istio: true + # -- Adds RBAC rules for the SMI provider + smi: true + # -- Adds RBAC rules for the Ambassador provider + ambassador: true + # -- Adds RBAC rules for the AWS Load Balancer Controller provider + awsLoadBalancerController: true + # -- Adds RBAC rules for the AWS App Mesh provider + awsAppMesh: true + # -- Adds RBAC rules for the Traefik provider + traefik: true + # -- Adds RBAC rules for the Apisix provider + apisix: true + dashboard: # -- Deploy dashboard server enabled: false From 5b9f624ba21f167bb55d948f0c5042383c87678d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 10:24:46 +0100 Subject: [PATCH 013/373] feat(argo-cd): Consolidate certificate config for repositories (#1786) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 14 ++- charts/argo-cd/README.md.gotmpl | 5 + charts/argo-cd/templates/NOTES.txt | 12 +++ .../argocd-ssh-known-hosts-cm.yaml | 15 ++- .../argocd-configs/argocd-tls-certs-cm.yaml | 15 ++- charts/argo-cd/values.yaml | 102 ++++++++---------- 7 files changed, 98 insertions(+), 71 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index df9f69edb..daad23a9c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.18.1 +version: 5.19.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: README information about 5.12.0 TLS changes" + - "[Added]: Option configs.ssh.extraHosts that allows to keep original SSH known list" + - "[Changed]: Option configs.knownHosts deprecated as moved to configs.ssh" + - "[Changed]: Option configs.tlsCerts deprecated as moved to configs.tls" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec342a3d5..37a2dc19b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.19.0 + +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. + ### 5.13.0 This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter. @@ -410,8 +415,6 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | -| configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | -| configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -444,9 +447,12 @@ NAME: my-release | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | | configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | +| configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap | +| configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories | +| configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | -| configs.tlsCerts | object | See [values.yaml] | TLS certificate | -| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | +| configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap | +| configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories | ## Argo CD Controller diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index b41f82c0f..fde0c0c88 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.19.0 + +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. + ### 5.13.0 This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter. diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 30138ee4e..c5c5e7c54 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -64,6 +64,18 @@ DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles {{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} +{{- if .Values.configs.knownHostsAnnotations }} +DEPRECATED option configs.knownHostsAnnotations - Use configs.ssh.annotations +{{- end }} +{{- if hasKey .Values.configs "knownHosts" }} +DEPRECATED option configs.knownHosts.data.ssh_known_hosts - Use configs.ssh.knownHosts +{{- end }} +{{- if .Values.configs.tlsCertsAnnotations }} +DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations +{{- end }} +{{- if hasKey .Values.configs "tlsCerts" }} +DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 844f492da..03c306d41 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -3,11 +3,20 @@ kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with .Values.configs.knownHostsAnnotations }} + {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- toYaml .Values.configs.knownHosts | nindent 0 }} +data: + ssh_known_hosts: | + {{- if hasKey .Values.configs "knownHosts" }} + {{- .Values.configs.knownHosts.data.ssh_known_hosts | nindent 4 }} + {{- else }} + {{- .Values.configs.ssh.knownHosts | nindent 4 }} + {{- end }} + {{- with .Values.configs.ssh.extraHosts }} + {{- . | nindent 4 }} + {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 74b211813..8e5c7c884 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -3,13 +3,20 @@ kind: ConfigMap metadata: name: argocd-tls-certs-cm labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "tls-certs-cm") | nindent 4 }} - {{- with .Values.configs.tlsCertsAnnotations }} + {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with .Values.configs.tlsCerts }} -{{- toYaml . | nindent 0 }} +{{- if hasKey .Values.configs "tlsCerts" }} + {{- with .Values.configs.tlsCerts }} + {{- toYaml . | nindent 0 }} + {{- end }} +{{- else }} +{{- with .Values.configs.tls.certificates }} +data: + {{- toYaml . | nindent 2 }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 98b62c1ea..5e73d2187 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -254,6 +254,41 @@ configs: # ... # -----END PGP PUBLIC KEY BLOCK----- + # SSH known hosts for Git repositories + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#ssh-known-host-public-keys + ssh: + # -- Annotations to be added to argocd-ssh-known-hosts-cm configmap + annotations: {} + + # -- Known hosts to be added to the known host list by default. + # @default -- See [values.yaml] + knownHosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + + # -- Additional known hosts for private repositories + extraHosts: '' + + # Repository TLS certificates + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories-using-self-signed-tls-certificates-or-are-signed-by-custom-ca + tls: + # -- Annotations to be added to argocd-tls-certs-cm configmap + annotations: {} + + # -- TLS certificates for Git repositories + # @default -- `{}` (See [values.yaml]) + certificates: {} + # server.example.com: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) @@ -282,64 +317,15 @@ configs: # insecure: false # caData: "" - # -- Known Hosts configmap annotations - knownHostsAnnotations: {} - knownHosts: - data: - # -- Known Hosts - # @default -- See [values.yaml] - ssh_known_hosts: | - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - # -- TLS certificate configmap annotations - tlsCertsAnnotations: {} - # -- TLS certificate - # @default -- See [values.yaml] - tlsCerts: - {} - # data: - # argocd.example.com: | - # -----BEGIN CERTIFICATE----- - # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL - # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE - # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 - # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda - # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT - # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES - # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi - # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 - # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc - # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u - # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G - # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ - # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E - # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko - # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J - # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u - # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO - # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 - # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 - # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ - # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn - # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx - # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 - # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT - # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr - # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO - # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so - # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr - # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 - # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W - # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK - # XWyb96wrUlv+E8I= - # -----END CERTIFICATE----- + # DEPRECATED - Moved to configs.ssh.annotations + # knownHostsAnnotations: {} + # DEPRECATED - Moved to configs.ssh.knownHosts + # knownHosts: {} + + # DEPRECATED - Moved to configs.tls.annotations + # tlsCertsAnnotations: {} + # DEPRECATED - Moved to configs.tls.certificates + # tlsCerts: {} # -- Repository credentials to be used as Templates for other repos ## Creates a secret for each key/value specified below to create repository credentials From e91bc78a4a337ab014adb19611dfb8f2b5ce707f Mon Sep 17 00:00:00 2001 From: Pedro Date: Sat, 21 Jan 2023 05:37:52 -0600 Subject: [PATCH 014/373] feat(argocd-image-updater): prevent generation of label value of invalid length (#1691) * feat(argocd-image-updater): prevent label from being greater than 63 characters. Signed-off-by: Pedro Salgado * fix: Add missing double quote in changelog Signed-off-by: Marco Kilchhofer Signed-off-by: Pedro Salgado Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 049ed8cea..5147ea828 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.1 +version: 0.8.2 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for additional initContainers and additional volume/volumeMounts" + - "[Changed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" diff --git a/charts/argocd-image-updater/templates/_helpers.tpl b/charts/argocd-image-updater/templates/_helpers.tpl index 5c0be1da6..934d894c0 100644 --- a/charts/argocd-image-updater/templates/_helpers.tpl +++ b/charts/argocd-image-updater/templates/_helpers.tpl @@ -38,7 +38,7 @@ Common labels helm.sh/chart: {{ include "argocd-image-updater.chart" . }} {{ include "argocd-image-updater.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ .Chart.AppVersion | trunc 63 | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} From 58f587618fbabe601d0f433d8a2d935069fbffdf Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 13:07:14 +0100 Subject: [PATCH 015/373] fix(argo-cd): Consolidate and fix container ports (#1788) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 7 +- charts/argo-cd/README.md | 25 ++-- charts/argo-cd/templates/NOTES.txt | 21 +++ .../statefulset.yaml | 15 ++- .../argocd-applicationset/deployment.yaml | 11 +- .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 6 +- .../templates/argocd-server/aws/service.yaml | 4 +- .../templates/argocd-server/deployment.yaml | 12 +- .../templates/argocd-server/service.yaml | 6 +- charts/argo-cd/templates/dex/deployment.yaml | 6 +- .../argo-cd/templates/redis/deployment.yaml | 8 +- charts/argo-cd/values.yaml | 124 +++++++++++------- 13 files changed, 152 insertions(+), 97 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index daad23a9c..e75156e7c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.0 +version: 5.19.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option configs.ssh.extraHosts that allows to keep original SSH known list" - - "[Changed]: Option configs.knownHosts deprecated as moved to configs.ssh" - - "[Changed]: Option configs.tlsCerts deprecated as moved to configs.tls" + - "[Fixed]: Container port configuration now properly sets the listening port" + - "[Changed]: Container ports consolidated from various places to new containerPorts sections" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 37a2dc19b..ca54a9bce 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -462,7 +462,7 @@ NAME: my-release | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | -| controller.containerPort | int | `8082` | Application controller listening port | +| controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | @@ -539,7 +539,8 @@ NAME: my-release | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | -| repoServer.containerPort | int | `8081` | Configures the repo server port | +| repoServer.containerPorts.metrics | int | `8084` | Metrics container port | +| repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | | repoServer.env | list | `[]` | Environment variables to pass to repo server | @@ -638,7 +639,8 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.containerPort | int | `8080` | Configures the server port | +| server.containerPorts.metrics | int | `8082` | Metrics container port | +| server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -728,7 +730,6 @@ NAME: my-release | server.service.labels | object | `{}` | Server service labels | | server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | -| server.service.namedTargetPort | bool | `true` | Use named target port for argocd | | server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.servicePortHttp | int | `80` | Server service http port | @@ -780,9 +781,9 @@ server: | dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret | | dex.certificateSecret.key | string | `""` | Certificate private key | | dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret | -| dex.containerPortGrpc | int | `5557` | Container port for gRPC access | -| dex.containerPortHttp | int | `5556` | Container port for HTTP access | -| dex.containerPortMetrics | int | `5558` | Container port for metrics access | +| dex.containerPorts.grpc | int | `5557` | gRPC container port | +| dex.containerPorts.http | int | `5556` | HTTP container port | +| dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | | dex.enabled | bool | `true` | Enable dex | @@ -856,7 +857,8 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | -| redis.containerPort | int | `6379` | Redis container port | +| redis.containerPorts.metrics | int | `9121` | Metrics container port | +| redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | | redis.enabled | bool | `true` | Enable redis | @@ -869,7 +871,6 @@ server: | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | -| redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | @@ -962,9 +963,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | | applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | -| applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.probe | int | `8081` | Probe container port | +| applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | @@ -1067,6 +1069,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | +| notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index c5c5e7c54..210cf3bbe 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -88,6 +88,27 @@ REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug {{- if .Values.applicationSet.args.enableLeaderElection }} REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas {{- end }} +{{- if .Values.controller.containerPort }} +REMOVED option controller.containerPort - Use controller.containerPorts +{{- end }} +{{- if .Values.server.containerPort }} +REMOVED option server.containerPort - Use server.containerPorts +{{- end }} +{{- if .Values.repoServer.containerPort }} +REMOVED option repoServer.containerPort - Use repoServer.containerPorts +{{- end }} +{{- if .Values.applicationSet.args.metricsAddr }} +REMOVED option applicationSet.args.metricsAddr - Use applicationSet.containerPorts +{{- end }} +{{- if .Values.applicationSet.args.probeBindAddr }} +REMOVED option applicationSet.args.probeBindAddr - Use applicationSet.containerPorts +{{- end }} +{{- if .Values.redis.containerPort }} +REMOVED option redis.containerPort - Use redis.containerPorts +{{- end }} +{{- if .Values.redis.metrics.containerPort }} +REMOVED option redis.metrics.containerPort - Use redis.containerPorts +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 208545e08..d853a8560 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -44,6 +44,13 @@ spec: containers: - command: - argocd-application-controller + - --metrics-port={{ .Values.controller.containerPorts.metrics }} + {{- if .Values.controller.metrics.applicationLabels.enabled }} + {{- range .Values.controller.metrics.applicationLabels.labels }} + - --metrics-application-labels + - {{ . }} + {{- end }} + {{- end }} {{- with .Values.controller.args.statusProcessors }} - --status-processors - {{ . | quote }} @@ -76,12 +83,6 @@ spec: - --loglevel - {{ . | quote }} {{- end }} - {{- if .Values.controller.metrics.applicationLabels.enabled }} - {{- range .Values.controller.metrics.applicationLabels.labels }} - - --metrics-application-labels - - {{ . }} - {{- end }} - {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} @@ -232,7 +233,7 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ .Values.controller.containerPort }} + containerPort: {{ .Values.controller.containerPorts.metrics }} protocol: TCP readinessProbe: httpGet: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0c3862de3..6fd9170c4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -51,10 +51,11 @@ spec: command: - entrypoint.sh - argocd-applicationset-controller + - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} + - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} + - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} - - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} - --policy={{ .Values.applicationSet.args.policy }} - --dry-run={{ .Values.applicationSet.args.dryRun }} - --logformat @@ -78,13 +79,13 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.metrics }} protocol: TCP - name: probe - containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.probe }} protocol: TCP - name: webhook - containerPort: 7000 + containerPort: {{ .Values.applicationSet.containerPorts.webhook }} protocol: TCP {{- if .Values.applicationSet.livenessProbe.enabled }} livenessProbe: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 7ee9f8f47..85d586ccc 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -48,9 +48,9 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} command: - argocd-notifications + - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - - --metrics-port={{ .Values.notifications.metrics.port }} - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- range .Values.notifications.extraArgs }} @@ -66,7 +66,7 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ .Values.notifications.metrics.port }} + containerPort: {{ .Values.notifications.containerPorts.metrics }} protocol: TCP resources: {{- toYaml .Values.notifications.resources | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 04117ba36..c786d7143 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -53,6 +53,8 @@ spec: - entrypoint.sh args: - argocd-repo-server + - --port={{ .Values.repoServer.containerPorts.server }} + - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} - --logformat - {{ . | quote }} @@ -236,10 +238,10 @@ spec: name: tmp ports: - name: repo-server - containerPort: {{ .Values.repoServer.containerPort }} + containerPort: {{ .Values.repoServer.containerPorts.server }} protocol: TCP - name: metrics - containerPort: 8084 + containerPort: {{ .Values.repoServer.containerPorts.metrics }} protocol: TCP livenessProbe: httpGet: diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 4adcd82d5..a0368023c 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -12,11 +12,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: server - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: server selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index c38d9348f..2f510bc37 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -47,6 +47,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + - --port={{ .Values.server.containerPorts.server }} + - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} - --logformat - {{ . | quote }} @@ -287,16 +289,16 @@ spec: name: extensions {{- end }} ports: - - name: {{ .Values.server.name }} - containerPort: {{ .Values.server.containerPort }} + - name: server + containerPort: {{ .Values.server.containerPorts.server }} protocol: TCP - name: metrics - containerPort: 8083 + containerPort: {{ .Values.server.containerPorts.metrics }} protocol: TCP livenessProbe: httpGet: path: /healthz?full=true - port: {{ .Values.server.containerPort }} + port: server initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} @@ -305,7 +307,7 @@ spec: readinessProbe: httpGet: path: /healthz - port: {{ .Values.server.containerPort }} + port: server initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 1dc041168..879bdb32e 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -19,14 +19,14 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: {{ .Values.server.containerPorts.server }} {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttp }} {{- end }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: {{ .Values.server.containerPorts.server }} {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttps }} {{- end }} @@ -49,4 +49,4 @@ spec: {{- end }} {{- with .Values.server.service.sessionAffinity }} sessionAffinity: {{ . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index bd0362b3c..1b3b43380 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -70,13 +70,13 @@ spec: {{- end }} ports: - name: http - containerPort: {{ .Values.dex.containerPortHttp }} + containerPort: {{ .Values.dex.containerPorts.http }} protocol: TCP - name: grpc - containerPort: {{ .Values.dex.containerPortGrpc }} + containerPort: {{ .Values.dex.containerPorts.grpc }} protocol: TCP - name: metrics - containerPort: {{ .Values.dex.containerPortMetrics }} + containerPort: {{ .Values.dex.containerPorts.metrics }} protocol: TCP {{- if .Values.dex.livenessProbe.enabled }} livenessProbe: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 6c6a4dbe5..c2f17a455 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -63,7 +63,7 @@ spec: {{- end }} ports: - name: redis - containerPort: {{ .Values.redis.containerPort }} + containerPort: {{ .Values.redis.containerPorts.redis }} protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} @@ -79,12 +79,12 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} env: - name: REDIS_ADDR - value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }} + value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS - value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }} + value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} ports: - name: metrics - containerPort: {{ .Values.redis.metrics.containerPort }} + containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP resources: {{- toYaml .Values.redis.metrics.resources | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5e73d2187..e7207863e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -575,6 +575,11 @@ controller: # cpu: 250m # memory: 256Mi + # Application controller container ports + containerPorts: + # -- Metrics container port + metrics: 8082 + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -587,9 +592,6 @@ controller: drop: - ALL - # -- Application controller listening port - containerPort: 8082 - # Rediness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: @@ -866,6 +868,16 @@ dex: # cpu: 10m # memory: 32Mi + # Dex container ports + # NOTE: These ports are currently hardcoded and cannot be changed + containerPorts: + # -- HTTP container port + http: 5556 + # -- gRPC container port + grpc: 5557 + # -- Metrics container port + metrics: 5558 + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -893,6 +905,7 @@ dex: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + readinessProbe: # -- Enable Kubernetes readiness probe for Dex >= 2.28.0 enabled: false @@ -917,20 +930,14 @@ dex: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Container port for HTTP access - containerPortHttp: 5556 # -- Service port for HTTP access servicePortHttp: 5556 # -- Service port name for HTTP access servicePortHttpName: http - # -- Container port for gRPC access - containerPortGrpc: 5557 # -- Service port for gRPC access servicePortGrpc: 5557 # -- Service port name for gRPC access servicePortGrpcName: grpc - # -- Container port for metrics access - containerPortMetrics: 5558 # -- Service port for metrics access servicePortMetrics: 5558 @@ -1044,6 +1051,13 @@ redis: seccompProfile: type: RuntimeDefault + # Redis container ports + containerPorts: + # -- Redis container port + redis: 6379 + # -- Metrics container port + metrics: 9121 + # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1052,8 +1066,6 @@ redis: drop: - ALL - # -- Redis container port - containerPort: 6379 # -- Redis service port servicePort: 6379 @@ -1103,8 +1115,6 @@ redis: tag: 1.26.0-debian-10-r2 # -- redis-exporter image PullPolicy imagePullPolicy: IfNotPresent - # -- Port to use for redis-exporter sidecar - containerPort: 9121 # -- Redis exporter security context # @default -- See [values.yaml] @@ -1415,8 +1425,24 @@ server: # cpu: 50m # memory: 64Mi - # -- Configures the server port - containerPort: 8080 + # Server container ports + containerPorts: + # -- Server container port + server: 8080 + # -- Metrics container port + metrics: 8082 + + # -- Server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -1431,6 +1457,7 @@ server: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + livenessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1461,18 +1488,6 @@ server: # -- Priority class for the Argo CD server priorityClassName: "" - # -- Server container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -1546,10 +1561,6 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https - # -- Use named target port for argocd - ## Named target ports are not supported by GCE health checks, so when deploying argocd on GKE - ## and exposing it via GCE ingress, the health checks fail and the load balancer returns a 502. - namedTargetPort: true # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from @@ -1897,8 +1908,24 @@ repoServer: # cpu: 10m # memory: 64Mi - # -- Configures the repo server port - containerPort: 8081 + # Repo server container ports + containerPorts: + # -- Repo server container port + server: 8081 + # -- Metrics container port + metrics: 8084 + + # -- Repo server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -1913,6 +1940,7 @@ repoServer: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + livenessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1943,18 +1971,6 @@ repoServer: # -- Priority class for the repo server priorityClassName: "" - # -- Repo server container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. @@ -2105,10 +2121,6 @@ applicationSet: logLevel: "" args: - # -- The default metric address - metricsAddr: :8080 - # -- The default health check port - probeBindAddr: :8081 # -- How application is synced between the generator and the cluster policy: sync # -- Enable dry run mode @@ -2221,6 +2233,15 @@ applicationSet: # cpu: 100m # memory: 128Mi + # ApplicationSet controller container ports + containerPorts: + # -- Metrics container port + metrics: 8080 + # -- Probe container port + probe: 8081 + # -- Webhook container port + webhook: 7000 + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2486,6 +2507,11 @@ notifications: # cpu: 100m # memory: 128Mi + # Notification controller container ports + containerPorts: + # -- Metrics container port + metrics: 9001 + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: From 0f2856ea416ae45e06382e63e2cb9ef083cb318d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 13:18:53 +0100 Subject: [PATCH 016/373] fix(argo-cd): Add missing options for mounting service account tokens (#1787) Signed-off-by: Petr Drastil Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 12 +++++++----- charts/argo-cd/values.yaml | 22 +++++++++++----------- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e75156e7c..8799e3eb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.1 +version: 5.19.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Container port configuration now properly sets the listening port" - - "[Changed]: Container ports consolidated from various places to new containerPorts sections" + - "[Fixed]: Added missing options for automounting service tokens for applicationset and notifications controllers" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ca54a9bce..032436529 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1026,10 +1026,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | | applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | -| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | | applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | @@ -1116,9 +1117,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | | notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | +| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e7207863e..7f06a376c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2205,15 +2205,16 @@ applicationSet: portName: webhook serviceAccount: - # -- Specifies whether a service account should be created + # -- Create ApplicationSet controller service account create: true - # -- Annotations to add to the service account + # -- ApplicationSet controller service account name + name: argocd-applicationset-controller + # -- Annotations applied to created service account annotations: {} # -- Labels applied to created service account labels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true # -- Annotations to be added to ApplicationSet controller Deployment deploymentAnnotations: {} @@ -2537,18 +2538,17 @@ notifications: priorityClassName: "" serviceAccount: - # -- Specifies whether a service account should be created + # -- Create notifications controller service account create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template + # -- Notification controller service account name name: argocd-notifications-controller - # -- Annotations applied to created service account annotations: {} - # -- Labels applied to created service account labels: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + cm: # -- Whether helm chart creates notifications controller config map create: true From adc526612fa553d1e9dfe8c213be6294dc023281 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 20:11:02 +0100 Subject: [PATCH 017/373] fix(argo-cd): Redis service have invalid targetPort (#1792) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8799e3eb3..b7e63216d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.2 +version: 5.19.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing options for automounting service tokens for applicationset and notifications controllers" + - "[Fixed]: Fixed invalid port on redis service" diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index af273d717..6e949fd4b 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -19,7 +19,7 @@ spec: ports: - name: redis port: {{ .Values.redis.servicePort }} - targetPort: {{ .Values.redis.containerPort }} + targetPort: redis selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }} {{- end }} From b4de202859d65343dc32d88364aa3dd368ba7d27 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 22 Jan 2023 18:20:30 +0100 Subject: [PATCH 018/373] chore(argo-cd): Decouple Redis exporter from metrics service (#1791) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 13 ++-- .../argo-cd/templates/redis/deployment.yaml | 10 +-- charts/argo-cd/values.yaml | 67 +++++++++++-------- 4 files changed, 53 insertions(+), 41 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b7e63216d..b39e40b73 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.3 +version: 5.19.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed invalid port on redis service" + - "[Changed]: Decoupled redis metrics exporter from metrics service" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 032436529..41ab164f6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -864,6 +864,12 @@ server: | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | +| redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | +| redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | +| redis.exporter.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | @@ -871,12 +877,7 @@ server: | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | -| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | -| redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | -| redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | -| redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | -| redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | +| redis.metrics.enabled | bool | `false` | Deploy metrics service | | redis.metrics.service.annotations | object | `{}` | Metrics service annotations | | redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | redis.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index c2f17a455..6f23e44e1 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -73,10 +73,10 @@ spec: volumeMounts: {{- toYaml . | nindent 10 }} {{- end }} - {{- if .Values.redis.metrics.enabled }} + {{- if .Values.redis.exporter.enabled }} - name: metrics - image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} + image: {{ .Values.redis.exporter.image.repository }}:{{ .Values.redis.exporter.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.exporter.image.imagePullPolicy }} env: - name: REDIS_ADDR value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} @@ -87,9 +87,9 @@ spec: containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP resources: - {{- toYaml .Values.redis.metrics.resources | nindent 10 }} + {{- toYaml .Values.redis.exporter.resources | nindent 10 }} securityContext: - {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} + {{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7f06a376c..75296bd9d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -991,6 +991,42 @@ redis: # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent + # Prometheus redis-exporter sidecar + exporter: + # -- Enable Prometheus redis-exporter sidecar + enabled: true + + # Prometheus redis-exporter image + image: + # -- redis-exporter image repository + repository: public.ecr.aws/bitnami/redis-exporter + # -- redis-exporter image tag + tag: 1.26.0-debian-10-r2 + # -- Image pull policy for the Redis exporter + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Redis exporter security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # -- Resource limits and requests for redis-exporter sidecar + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Secrets with credentials to pull images from a private registry # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] @@ -1106,36 +1142,10 @@ redis: labels: {} metrics: - # -- Deploy metrics service and redis-exporter sidecar + # -- Deploy metrics service enabled: false - image: - # -- redis-exporter image repository - repository: public.ecr.aws/bitnami/redis-exporter - # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 - # -- redis-exporter image PullPolicy - imagePullPolicy: IfNotPresent - # -- Redis exporter security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for redis-exporter sidecar - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi + # Redis metrics service configuration service: # -- Metrics service type type: ClusterIP @@ -1149,6 +1159,7 @@ redis: servicePort: 9121 # -- Metrics service port name portName: http-metrics + serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From 885959311f6214bc6da9b461ec89b2d0ef44ea87 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 22 Jan 2023 20:22:41 +0100 Subject: [PATCH 019/373] fix(argo-cd): Fix annotations for ssh and tls configs (#1793) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 2 +- .../argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b39e40b73..200889deb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.4 +version: 5.19.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Decoupled redis metrics exporter from metrics service" + - "[Fixed]: Annotations for tls and ssh sections works as expected" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 03c306d41..7b8e5d0b8 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -4,7 +4,7 @@ metadata: name: argocd-ssh-known-hosts-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) -}} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 8e5c7c884..1ba0176d8 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -4,7 +4,7 @@ metadata: name: argocd-tls-certs-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) -}} + {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 0578482bd69c2cf341e34893e916d638002d546d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Jan 2023 01:15:46 +0100 Subject: [PATCH 020/373] chore(argo-cd): Upgrade Redis exporter image (#1795) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 200889deb..d08ba1c3b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.5 +version: 5.19.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Annotations for tls and ssh sections works as expected" + - "[Changed]: Upgrade Redis exporter image to 1.45.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 41ab164f6..04441317d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -868,7 +868,7 @@ server: | redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.exporter.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.exporter.image.tag | string | `"1.45.0"` | redis-exporter image tag | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 75296bd9d..76ad809d3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1001,7 +1001,7 @@ redis: # -- redis-exporter image repository repository: public.ecr.aws/bitnami/redis-exporter # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 + tag: 1.45.0 # -- Image pull policy for the Redis exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 73e6f1913eb5cab2504f906163abe940e622dbbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ole=20Markus=20Kristiansen=20Tern=C3=B8?= <79976935+oterno@users.noreply.github.com> Date: Wed, 25 Jan 2023 22:46:14 +0100 Subject: [PATCH 021/373] feat(argo-events): Added support for extra k8s manifests (#1797) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-events): Added support for extra k8s manifests Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> * added value example for extraObjects Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> --- charts/argo-events/Chart.yaml | 4 +-- charts/argo-events/README.md | 1 + .../templates/extra-manifests.yaml | 4 +++ charts/argo-events/values.yaml | 29 +++++++++++++++++++ 4 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 charts/argo-events/templates/extra-manifests.yaml diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index ece10ef88..757a36088 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.11 +version: 2.1.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing NATS version in values.yaml" + - "[Added]: Additional manifests to deploy within the chart" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 39b46bf55..48597a864 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -62,6 +62,7 @@ done | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-events crds Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template | | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | diff --git a/charts/argo-events/templates/extra-manifests.yaml b/charts/argo-events/templates/extra-manifests.yaml new file mode 100644 index 000000000..a9bb3b6ba --- /dev/null +++ b/charts/argo-events/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index c24368512..89a7323d7 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -99,6 +99,35 @@ configs: configReloaderImage: natsio/nats-server-config-reloader:latest startCommand: /nats-server +# -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argo-events-secrets-store + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argo-events" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argo-events-secrets-store + # type: Opaque + # labels: + # app.kubernetes.io/part-of: argocd + ## Argo Events controller controller: # -- Argo Events controller name string From 9fb1f9d0913faaa51a6e07e1a058939a5ff4b8ea Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 26 Jan 2023 17:22:40 +0900 Subject: [PATCH 022/373] chore(argo-cd): Update Argo CD to v2.5.8 (#1798) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d08ba1c3b..6c2ab6d23 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.7 +appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.6 +version: 5.19.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Redis exporter image to 1.45.0" + - "[Changed]: Update Argo CD to v2.5.8" From 5335a75fbcbb8bdd87d19fa088c9420a0ea8f990 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 26 Jan 2023 13:06:19 +0100 Subject: [PATCH 023/373] fix(argo-cd): Disable Redis exporter by default (#1799) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 14 ++++++++------ charts/argo-cd/values.yaml | 27 ++++++++++++++++----------- 3 files changed, 28 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6c2ab6d23..06a52a3a3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.7 +version: 5.19.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.8" + - "[Changed]: Disable Redis exporter by default" + - "[Changed]: Use bitnami Redis exporter image for redis-ha" + - "[Docs]: Fixed defaults for Redis exporter" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04441317d..5d7cb0d79 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -865,14 +865,14 @@ server: | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | | redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | -| redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | -| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | -| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.exporter.image.tag | string | `"1.45.0"` | redis-exporter image tag | +| redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | -| redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | +| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | @@ -927,7 +927,9 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | -| redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | +| redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 76ad809d3..ec37a3f88 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -988,21 +988,21 @@ redis: repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.5-alpine - # -- Redis imagePullPolicy - imagePullPolicy: IfNotPresent + # -- Redis image pull policy + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" - # Prometheus redis-exporter sidecar + ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar - enabled: true - - # Prometheus redis-exporter image + enabled: false + ## Prometheus redis-exporter image image: - # -- redis-exporter image repository + # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter - # -- redis-exporter image tag + # -- Tag to use for the redis-exporter tag: 1.45.0 - # -- Image pull policy for the Redis exporter + # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1190,9 +1190,14 @@ redis: redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Prometheus redis-exporter sidecar exporter: - # -- If `true`, the prometheus exporter sidecar is enabled - enabled: true + # -- Enable Prometheus redis-exporter sidecar + enabled: false + # -- Repository to use for the redis-exporter + image: public.ecr.aws/bitnami/redis-exporter + # -- Tag to use for the redis-exporter + tag: 1.45.0 persistentVolume: # -- Configures persistency on Redis nodes enabled: false From 36cd83081cfaf4d2f83c737e007563710dfc5869 Mon Sep 17 00:00:00 2001 From: Wojciech Date: Fri, 27 Jan 2023 15:45:49 +0100 Subject: [PATCH 024/373] feat(argo-cd): Add log settings and extraArgs to Slack bot (#1802) * Add log settings and extraArgs to Slack bot Signed-off-by: duxet * Fix readme Signed-off-by: duxet --------- Signed-off-by: duxet --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 3 +++ .../argocd-notifications/bots/slack/deployment.yaml | 5 +++++ charts/argo-cd/values.yaml | 10 ++++++++++ 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06a52a3a3..2b9d215f2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.8 +version: 5.19.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Disable Redis exporter by default" - - "[Changed]: Use bitnami Redis exporter image for redis-ha" - - "[Docs]: Fixed defaults for Redis exporter" + - "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5d7cb0d79..54a11752f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1054,10 +1054,13 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | +| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | | notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | | notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | | notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` | +| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` | | notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | | notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | | notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index da9346072..90fcf78ce 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -40,6 +40,11 @@ spec: command: - argocd-notifications - bot + - --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }} + - --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }} + {{- range .Values.notifications.bots.slack.extraArgs }} + - {{ . | squote }} + {{- end }} workingDir: /app ports: - containerPort: 8080 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ec37a3f88..1a6bdda4e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2881,6 +2881,16 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # -- Slack bot log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Slack bot log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + + # -- List of extra cli args to add for Slack bot + extraArgs: [] + service: # -- Service annotations for Slack bot annotations: {} From 790438efebf423c2d56cb4b93471f4adb3fcd448 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 28 Jan 2023 00:18:43 +0100 Subject: [PATCH 025/373] chore(argo-cd): Upgrade redis to 7.0.7 to avoid CVE-2022-3996 (#1803) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2b9d215f2..fb2674928 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.9 +version: 5.19.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" + - "[Security]: Upgrade redis to 7.0.7 to avoid CVE-2022-3996" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 54a11752f..a7c8c287c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -874,7 +874,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -932,7 +932,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1a6bdda4e..5cff81684 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -987,7 +987,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.7-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1218,7 +1218,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.7-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From 369136b69a7c41c395a8d701195333708b4d6459 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 28 Jan 2023 22:40:50 +0900 Subject: [PATCH 026/373] chore(argo-cd): Update Argo CD to v2.5.9 (#1805) --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fb2674928..4056760bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.8 +appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.10 +version: 5.19.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Security]: Upgrade redis to 7.0.7 to avoid CVE-2022-3996" + - "[Changed]: Update Argo CD to v2.5.9" From 231cfcb20a92a66ad6de5e3f8faaa420c810c854 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 06:16:13 -0600 Subject: [PATCH 027/373] chore(argo-events): Upgrade Argo Events to v1.7.5 (#1809) --- charts/argo-events/Chart.yaml | 6 +++--- .../templates/argo-events-controller/rbac.yaml | 12 +++++++++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 757a36088..c98ab3ae2 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.4 +appVersion: v1.7.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.0 +version: 2.1.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Additional manifests to deploy within the chart" + - "[Changed]: Update Argo Events to v1.7.5" diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index c69c44198..1d9a2e558 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -71,7 +71,6 @@ rules: - pods - pods/exec - configmaps - - secrets - services - persistentvolumeclaims verbs: @@ -82,6 +81,17 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - get + - list + - update + - patch + - delete - apiGroups: - apps resources: From c7b972c3afb283c50b250ea9856760c9f5539b35 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 00:23:04 +0900 Subject: [PATCH 028/373] fix(argo-cd): Align changelog structure to show changelogs on Artifact Hub (#1810) fixed(argo-cd): Align changelog structure to show changelogs on Artifact Hub Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4056760bd..8f9c7d792 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.11 +version: 5.19.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.9" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From b6922aed2fc4d87a162e23f64dd8d36410031b41 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 01:01:21 +0900 Subject: [PATCH 029/373] fix(github): Align changelog structure to show changelogs on Artifact Hub (#1811) fix(doc): Align changelog structure to show changelogs on Artifact Hub Signed-off-by: yu-croco --- CONTRIBUTING.md | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f8753d60b..535bbbb39 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -80,21 +80,35 @@ Changes on a chart must be documented in a chart specific changelog in the `Char A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release. -Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: +Each change requires a new bullet point following the pattern. See more information [Artifact Hub annotations in Helm Chart.yaml file](https://artifacthub.io/docs/topics/annotations/helm/). + +```yaml +- kind: {type} + description: {description} +``` + +You can use the following template: ```yaml name: argo-cd -version: 3.4.1 +version: 5.19.12 ... annotations: artifacthub.io/changes: | - - "[Added]: Something New was added" - - "[Changed]: Changed Something within this chart" - - "[Changed]: Changed Something else within this chart" - - "[Deprecated]: Something deprecated" - - "[Removed]: Something was removed" - - "[Fixed]: Something was fixed" - - "[Security]: Some Security Patch was included" + - kind: added + description: Something New was added + - kind: changed + description: Changed Something within this chart + - kind: changed + description: Changed Something else within this chart + - kind: deprecated + description: Something deprecated + - kind: removed + description: Something was removed + - kind: fixed + description: Something was fixed + - kind: security + description: Some Security Patch was included ``` ## Testing From bdbfaa25233e7db0a3c0a3c1b440b0146e2955b4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 03:48:27 +0900 Subject: [PATCH 030/373] fix(argo-workflows): Align changelog structure to show changelogs on Artifact Hub (#1812) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 25aa9fd67..37846bed1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.8 +version: 0.22.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Helm helper function to allow image registry to be absent" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 4c018a495450e9de40d9b24b32c1dcc557449bf3 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 12:59:32 -0600 Subject: [PATCH 031/373] fix(argocd-image-updater): Align changelog structure (#1816) --- charts/argocd-image-updater/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5147ea828..c88296f12 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.2 +version: 0.8.3 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From f299ae3025f547c150a0d031db36382988fc01d1 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:07:33 -0600 Subject: [PATCH 032/373] fix(argo-events): Align changelog structure (#1813) relates to #1808 Was fixed already for [argo-cd](https://github.com/argoproj/argo-helm/pull/1810) and [argo-workflows](https://github.com/argoproj/argo-helm/pull/1812) Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c98ab3ae2..160f6cf63 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.1 +version: 2.1.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo Events to v1.7.5" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From e3ae99b74db033c659f1962392ca14a107af730b Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:14:11 -0600 Subject: [PATCH 033/373] fix(argo-rollouts): Align changelog structure (#1814) relates to #1808 Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a9968a4f4..2beb83ffa 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.1 +version: 2.22.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Flags to toggle provider-specific RBAC rules in Role and ClusterRole" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 8a1c4f0ad6cad127e7148509a5087a1a5bf51075 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:17:35 -0600 Subject: [PATCH 034/373] fix(argocd-apps): Align changelog structure (#1815) relates to #1808 Signed-off-by: jmeridth Co-authored-by: Petr Drastil --- charts/argocd-apps/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 4f2d82bef..422dc6867 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.6 +version: 0.0.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Changelog link on README" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 28abc348ac60863cca9f099d4e33ab209c1a96aa Mon Sep 17 00:00:00 2001 From: Ben Hayden Date: Wed, 1 Feb 2023 15:07:07 -0600 Subject: [PATCH 035/373] chore(argocd-image-updater): Update Argo CD Image Updater to v0.12.2 (#1819) Signed-off-by: Ben Hayden --- charts/argocd-image-updater/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index c88296f12..5d599c41b 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.3 -appVersion: v0.12.0 +version: 0.8.4 +appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Update Argo CD Image Updater to v0.12.2 From 92f83fca3ef11fe1ba144bd106867ff23435ebeb Mon Sep 17 00:00:00 2001 From: ArsenyBelorukov <52857617+ArsenyBelorukov@users.noreply.github.com> Date: Thu, 2 Feb 2023 04:11:10 +0000 Subject: [PATCH 036/373] fix(argo-cd): fixed maxUnavailable value in redis-PDB (#1820) fixed maxUnavailable value in redis-PDB Signed-off-by: ArsenyBelorukov Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/pdb.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8f9c7d792..118ed99e5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.12 +version: 5.19.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + description: Fixed maxUnavailable value in redis-PDB diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 8be05f938..223c57589 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} {{- end }} spec: - {{- with .Values.dex.pdb.maxUnavailable }} + {{- with .Values.redis.pdb.maxUnavailable }} maxUnavailable: {{ . }} {{- else }} minAvailable: {{ .Values.redis.pdb.minAvailable | default 0 }} From 5687377d8ff4bcd8095207a1480dbbff13d7e117 Mon Sep 17 00:00:00 2001 From: Marcel Hoyer Date: Thu, 2 Feb 2023 22:56:18 +0100 Subject: [PATCH 037/373] chore(argo-cd): Update Argo CD to v2.5.10 (#1822) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 118ed99e5..37c612bc4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.9 +appVersion: v2.5.10 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.13 +version: 5.19.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed maxUnavailable value in redis-PDB + - kind: changed + description: Update Argo CD to v2.5.10 From 05c79e322a6d1f54a70840dd9649d9b9cb5ef8a2 Mon Sep 17 00:00:00 2001 From: Tone Date: Mon, 6 Feb 2023 05:40:13 +0100 Subject: [PATCH 038/373] feat(argo-cd): Configurable `dnsPolicy` / `hostNetwork` (#1821) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 6 ++++++ .../statefulset.yaml | 2 ++ .../argocd-repo-server/deployment.yaml | 2 ++ .../templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 18 ++++++++++++++++++ 6 files changed, 33 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37c612bc4..ce2b91c1e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.10 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.14 +version: 5.19.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Argo CD to v2.5.10 + - kind: added + description: Configurable dnsPolicy / hostNetwork diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a7c8c287c..02482d753 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -464,10 +464,12 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | | controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod | +| controller.hostNetwork | bool | `false` | Host Network for application controller pods | | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | @@ -543,10 +545,12 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | | repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | +| repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods | | repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | | repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | @@ -643,6 +647,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | @@ -653,6 +658,7 @@ NAME: my-release | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | +| server.hostNetwork | bool | `false` | Host Network for Server pods | | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | | server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index d853a8560..634431dd3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -312,3 +312,5 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.controller.hostNetwork }} + dnsPolicy: {{ .Values.controller.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index c786d7143..a39c007c3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -356,3 +356,5 @@ spec: {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.repoServer.hostNetwork }} + dnsPolicy: {{ .Values.repoServer.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 2f510bc37..aa06bf254 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -415,3 +415,5 @@ spec: {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.server.hostNetwork }} + dnsPolicy: {{ .Values.server.dnsPolicy }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5cff81684..c3f6fdab3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -580,6 +580,12 @@ controller: # -- Metrics container port metrics: 8082 + # -- Host Network for application controller pods + hostNetwork: false + + # -- Alternative DNS policy for application controller pods + dnsPolicy: "ClusterFirst" + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1448,6 +1454,12 @@ server: # -- Metrics container port metrics: 8082 + # -- Host Network for Server pods + hostNetwork: false + + # -- Alternative DNS policy for Server pods + dnsPolicy: "ClusterFirst" + # -- Server container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1931,6 +1943,12 @@ repoServer: # -- Metrics container port metrics: 8084 + # -- Host Network for Repo server pods + hostNetwork: false + + # -- Alternative DNS policy for Repo server pods + dnsPolicy: "ClusterFirst" + # -- Repo server container-level security context # @default -- See [values.yaml] containerSecurityContext: From 0d3150ce670346e07533965e0beec8e62fabffce Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 7 Feb 2023 16:02:23 +0100 Subject: [PATCH 039/373] feat(argo-cd): Upgrade Argo CD to 2.6.0 (#1758) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 10 +- charts/argo-cd/README.md | 7 +- charts/argo-cd/templates/NOTES.txt | 12 + charts/argo-cd/templates/_helpers.tpl | 5 +- .../argocd-applicationset/deployment.yaml | 78 +- .../templates/argocd-server/deployment.yaml | 6 + .../templates/crds/crd-application.yaml | 2614 ++++++++-- .../templates/crds/crd-applicationset.yaml | 4354 ++++++++++++++++- charts/argo-cd/values.yaml | 22 +- 9 files changed, 6530 insertions(+), 578 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ce2b91c1e..c5f6c5fbf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.10 +appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.15 +version: 5.20.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Configurable dnsPolicy / hostNetwork + - kind: changed + description: Upgrade Argo CD to 2.6.0 + - kind: deprecated + description: ApplicationSet args, logFormat and logLevel superseded by configs.params diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 02482d753..652620e55 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -415,6 +415,8 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | +| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -971,8 +973,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | +| applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | @@ -996,8 +997,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | -| applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 210cf3bbe..002d38442 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -76,6 +76,18 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.logFormat }} +DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format +{{- end }} +{{- if .Values.applicationSet.logLevel }} +DEPRECATED option applicationSet.logLevel - Use configs.params.applicationsetcontroller.log.level +{{- end }} +{{- if .Values.applicationSet.args.policy }} +DEPRECATED option applicationSet.args.policy - Use configs.params.applicationsetcontroller.policy +{{- end }} +{{- if .Values.applicationSet.args.dryRun }} +DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bdfa010b7..bd99fc9dd 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -202,10 +202,13 @@ redis.server: {{ . | quote }} server.dex.server: {{ include "argo-cd.dex.server" . | quote }} server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} {{- end }} -{{- range $component := tuple "controller" "server" "reposerver" }} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} {{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} {{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} {{- end }} +{{- if .Values.applicationSet.enabled }} +applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} +{{- end }} {{- end -}} {{/* diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6fd9170c4..82324f4d1 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -54,14 +54,20 @@ spec: - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} - - --policy={{ .Values.applicationSet.args.policy }} - - --dry-run={{ .Values.applicationSet.args.dryRun }} + {{- with .Values.applicationSet.args.policy }} + - --policy={{ . }} + {{- end }} + {{- with .Values.applicationSet.args.dryRun }} + - --dry-run={{ . }} + {{- end }} + {{- with .Values.applicationSet.logFormat }} - --logformat - - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} + - {{ . }} + {{- end }} + {{- with .Values.applicationSet.logLevel }} - --loglevel - - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} + - {{ . }} + {{- end }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -73,6 +79,66 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespace + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.rollouts + name: argocd-cmd-params-cm + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index aa06bf254..b0ed47d4a 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -262,6 +262,12 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.proxy.extension + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 23f9b6b31..ae0f7295f 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -151,6 +151,14 @@ spec: which to sync the application to If omitted, will use the revision specified in app spec. type: string + revisions: + description: Revisions is the list of revision (Git) or chart + version (Helm) which to sync each source in sources field for + the application to If omitted, will use the revision specified + in app spec. + items: + type: string + type: array source: description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and @@ -366,7 +374,35 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -380,232 +416,497 @@ spec: required: - repoURL type: object - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false + sources: + description: Sources overrides the source definition set in the + application. This is typically set in a Rollback operation and + is nil during a Sync operation items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform - the sync. - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to - perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. - properties: - destination: - description: Destination is a reference to the target Kubernetes server - and namespace - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster and - must be set to the Kubernetes control plane API - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a list of resources and their fields - which should be ignored during comparison - items: - description: ResourceIgnoreDifferences contains resource filter - and list of json paths which should be ignored during comparison - with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted managers. - Fields mutated by those managers will take precedence over - the desired state defined in the SCM and won't be displayed - in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - description: Info contains a list of information (URLs, email addresses, - and plain text) that relates to the application - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - description: Project is a reference to the project this application - belongs to. The empty string means that application belongs to the - 'default' project. - type: string - revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items kept - in the application's revision history, which is used for informational - purposes as well as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. Setting to zero will - store no history. This will reduce storage used. Increasing will - increase the space used to store the history, so we do not recommend - increasing it. Default is 10. - format: int64 - type: integer - source: - description: Source is a reference to the location of the application's - manifests or chart - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being used - during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options properties: - name: - description: Name is the name of the Helm parameter + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform + the sync. + properties: + force: + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to + perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains + link to repository with application definition and additional parameters + link definition revision. + properties: + destination: + description: Destination is a reference to the target Kubernetes server + and namespace + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the + application's resources. The namespace will only be set for + namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields + which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter + and list of json paths which should be ignored during comparison + with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted managers. + Fields mutated by those managers will take precedence over + the desired state defined in the SCM and won't be displayed + in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information (URLs, email addresses, + and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project this application + belongs to. The empty string means that application belongs to the + 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number of items kept + in the application's revision history, which is used for informational + purposes as well as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. Setting to zero will + store no history. This will reduce storage used. Increasing will + increase the space used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location of the application's + manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being used + during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: description: Name is the name of the Helm parameter type: string value: @@ -711,7 +1012,32 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -725,6 +1051,264 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the location of the application's + manifests or chart + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being + used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to + force applying common annotations to resources for Kustomize + apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be commit, + tag, or branch. If omitted, will equal to HEAD. In case of + Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array syncPolicy: description: SyncPolicy controls when and how a sync will be performed properties: @@ -747,6 +1331,19 @@ spec: (default: false)' type: boolean type: object + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the + given namespace (if CreateNamespace=true) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: description: Retry controls failed sync retry behavior properties: @@ -784,7 +1381,6 @@ spec: required: - destination - project - - source type: object status: description: ApplicationStatus contains status information for the application @@ -850,6 +1446,12 @@ spec: description: Revision holds the revision the sync was performed against type: string + revisions: + description: Revisions holds the revision of each source in + sources field the sync was performed against + items: + type: string + type: array source: description: Source is a reference to the application source used for the sync operation @@ -916,176 +1518,472 @@ spec: type: object type: array type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string type: object - helm: - description: Helm holds helm specific options + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options properties: - fileParameters: - description: FileParameters are file parameters to the - helm template + env: + description: Env is a list of environment variable entries items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation + description: EnvEntry represents an entry in the application's + environment properties: name: - description: Name is the name of the Helm parameter + description: Name is the name of the variable, + usually expressed in uppercase type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application sources + used for the sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block - type: string - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonLabels: - additionalProperties: + version: + description: Version controls which version of Kustomize + to use for rendering manifests type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - deployedAt - id - - revision type: object type: array observedAt: @@ -1208,6 +2106,14 @@ spec: (Helm) which to sync the application to If omitted, will use the revision specified in app spec. type: string + revisions: + description: Revisions is the list of revision (Git) or + chart version (Helm) which to sync each source in sources + field for the application to If omitted, will use the + revision specified in app spec. + items: + type: string + type: array source: description: Source overrides the source definition set in the application. This is typically set in a Rollback @@ -1438,9 +2344,39 @@ spec: - value type: object type: array - name: - type: string + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1455,6 +2391,291 @@ spec: required: - repoURL type: object + sources: + description: Sources overrides the source definition set + in the application. This is typically set in a Rollback + operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required + information about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles + do not exist locally by not appending them + to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during manifest + generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource + definition installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to + be passed to helm template, typically defined + as a block + type: string + version: + description: Version is the Helm version to + use for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of + additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the + Git repository, and is only valid for applications + sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the + variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an + array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map + type parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a + string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source + within sources field. This field will not be used + if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. In case + of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. In case of Helm, + this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array syncOptions: description: SyncOptions provide per-sync sync-options, e.g. Validate=false @@ -1564,6 +2785,12 @@ spec: description: Revision holds the revision this sync operation was performed to type: string + revisions: + description: Revisions holds the revision this sync operation + was performed for respective indexed source in sources field + items: + type: string + type: array source: description: Source records the application source information of the sync, used for comparing auto-sync @@ -1784,7 +3011,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1799,6 +3056,284 @@ spec: required: - repoURL type: object + sources: + description: Source records the application source information + of the sync, used for comparing auto-sync + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block + type: string + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - revision type: object @@ -1862,6 +3397,14 @@ spec: sourceType: description: SourceType specifies the type of this application type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included + in the application + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + type: array summary: description: Summary contains a list of URLs and container images used by this application @@ -2125,7 +3668,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -2140,14 +3713,297 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the application's multiple + sources used for comparison + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block + type: string + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - destination - - source type: object revision: description: Revision contains information about the revision the comparison has been performed to type: string + revisions: + description: Revisions contains information about the revisions + of multiple sources the comparison has been performed to + items: + type: string + type: array status: description: Status is the sync state of the comparison type: string diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 48dd57c57..7a15b67de 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -278,7 +278,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -286,6 +305,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -297,6 +475,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -321,7 +510,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -565,7 +753,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -573,6 +780,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -584,6 +950,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -608,7 +985,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -641,6 +1017,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -854,7 +1232,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -862,23 +1259,193 @@ spec: required: - repoURL type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string factor: format: int64 type: integer @@ -897,13 +1464,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -1119,7 +1686,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1127,6 +1713,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1138,6 +1883,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1162,7 +1918,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1414,7 +2169,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1422,25 +2196,195 @@ spec: required: - repoURL type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 type: integer maxDuration: type: string @@ -1457,7 +2401,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1701,7 +2644,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1709,6 +2671,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1720,6 +2841,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1744,7 +2876,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1777,6 +2908,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -1990,7 +3123,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1998,6 +3150,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2009,6 +3320,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2033,13 +3355,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -2255,7 +3577,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -2263,6 +3604,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2274,6 +3774,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2298,7 +3809,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -2638,7 +4148,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -2646,6 +4175,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2657,6 +4345,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2681,7 +4380,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3068,7 +4766,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3076,7 +4793,166 @@ spec: required: - repoURL type: object - syncPolicy: + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: properties: automated: properties: @@ -3087,6 +4963,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3111,7 +4998,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3349,7 +5235,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3357,6 +5262,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3368,6 +5432,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3392,7 +5467,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3644,7 +5718,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3652,6 +5745,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3663,6 +5915,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3687,7 +5950,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3931,7 +6193,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3939,6 +6220,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3950,6 +6390,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3974,7 +6425,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -4007,6 +6457,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -4220,7 +6672,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4228,7 +6699,166 @@ spec: required: - repoURL type: object - syncPolicy: + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: properties: automated: properties: @@ -4239,6 +6869,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4263,13 +6904,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -4485,7 +7126,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4493,6 +7153,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4504,6 +7323,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4528,7 +7358,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -4868,7 +7697,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4876,6 +7724,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4887,6 +7894,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4911,7 +7929,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5298,7 +8315,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5306,6 +8342,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5317,6 +8512,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -5341,7 +8547,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5583,7 +8788,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5591,69 +8815,238 @@ spec: required: - repoURL type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: + sources: + items: + properties: + chart: type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - pullRequest: - properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + pullRequest: + properties: + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object username: type: string required: @@ -5963,7 +9356,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5971,6 +9383,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5982,6 +9553,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6006,7 +9588,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6344,63 +9925,241 @@ spec: valueFiles: items: type: string - type: array - values: - type: string - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: type: string - type: object - commonLabels: - additionalProperties: + version: type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -6412,6 +10171,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6436,7 +10206,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6470,6 +10239,37 @@ spec: type: array goTemplate: type: boolean + strategy: + properties: + rollingSync: + properties: + steps: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + maxUpdate: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: array + type: object + type: + type: string + type: object syncPolicy: properties: preserveResourcesOnDeletion: @@ -6681,7 +10481,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -6689,6 +10508,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -6700,6 +10678,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6724,7 +10713,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6736,6 +10724,24 @@ spec: type: object status: properties: + applicationStatus: + items: + properties: + application: + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + required: + - application + - message + - status + type: object + type: array conditions: items: properties: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c3f6fdab3..6e885f107 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -205,6 +205,12 @@ configs: # -- Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. reposerver.parallelism.limit: 0 + ## ApplicationSet Properties + # -- Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` + applicationsetcontroller.policy: sync + # -- Enables use of the Progressive Syncs capability + applicationsetcontroller.enable.progressive.syncs: false + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: @@ -2147,18 +2153,14 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - args: + # -- DEPRECATED - ApplicationSet controller command line flags + args: {} + # DEPRECATED - Use configs.params.applicationsetcontroller.policy to override # -- How application is synced between the generator and the cluster - policy: sync + # policy: sync + # DEPRECATED - Use configs.params.applicationsetcontroller.dryrun to override # -- Enable dry run mode - dryRun: false + # dryRun: false # -- List of extra cli args to add extraArgs: [] From b1be8fabd462229b0f5acfad528208eed6146c2d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 7 Feb 2023 09:11:10 -0600 Subject: [PATCH 040/373] chore(argo-workflows): Update Argo Workflows to v3.4.5 (#1828) Signed-off-by: jmeridth Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 37846bed1..8ba37092b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.4 +appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.9 +version: 0.22.10 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Workflows to v3.4.5 From 3bede30d3909a2c3d0c48aef3ccc6ddb4a557730 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 8 Feb 2023 02:09:40 +0100 Subject: [PATCH 041/373] fix(argo-cd): Fix ApplicationSet CRD for pathParamPrefix (#1829) fix(argo-cd): Fix ApplicationSet CRD for pathParamPrefix Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/templates/crds/crd-applicationset.yaml | 6 +++--- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c5f6c5fbf..af4de1565 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.0 +version: 5.20.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.6.0 - - kind: deprecated - description: ApplicationSet args, logFormat and logLevel superseded by configs.params + - kind: fixed + description: Sync latest ApplicationSet CRD diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 7a15b67de..434522422 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -1470,7 +1470,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -3361,7 +3360,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -6910,7 +6908,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -10736,10 +10733,13 @@ spec: type: string status: type: string + step: + type: string required: - application - message - status + - step type: object type: array conditions: From e17d218600091b20a57310df07fbba2d35ae715f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 8 Feb 2023 17:41:16 +0100 Subject: [PATCH 042/373] docs(argo-cd): Remove incorrect deprecation note (#1830) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/NOTES.txt | 3 --- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index af4de1565..47438c33f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.1 +version: 5.20.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Sync latest ApplicationSet CRD + - kind: removed + description: Removed incorrect deprecation note diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 002d38442..d79d95f0c 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,9 +52,6 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} -{{- if hasKey .Values "createAggregateRoles" }} -DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles -{{- end }} {{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} From eb102d27aa1f84811e4873a781d867ba81cb3cfd Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Wed, 8 Feb 2023 15:14:07 -0500 Subject: [PATCH 043/373] feat(argo-cd): Upgrade Argo CD to 2.6.1 (#1832) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 47438c33f..321bd3527 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.0 +appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.2 +version: 5.20.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: removed - description: Removed incorrect deprecation note + - kind: changed + description: Upgrade Argo CD to 2.6.1 From 31768175b92e708ebb447dace0a54e1b0df1a7ef Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Fri, 10 Feb 2023 07:43:38 +0900 Subject: [PATCH 044/373] feat(argocd-apps): multiple sources for Application and ApplicationSet (#1831) * feat(argocd-apps): multiple sources for application and applicationset Signed-off-by: toyamagu * fix typo Signed-off-by: toyamagu2021@gmail.com --------- Signed-off-by: toyamagu Signed-off-by: toyamagu2021@gmail.com Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 6 ++-- .../applications-multiple-sources-values.yaml | 28 +++++++++++++++++ .../argocd-apps/ci/applications-values.yaml | 30 +++++++++++++++++++ ...plicationsets-multiple-sources-values.yaml | 24 +++++++++++++++ .../ci/applicationsets-values.yaml | 3 +- .../argocd-apps/templates/applications.yaml | 8 ++++- .../templates/applicationsets.yaml | 8 ++++- charts/argocd-apps/values.yaml | 8 +++++ 8 files changed, 108 insertions(+), 7 deletions(-) create mode 100644 charts/argocd-apps/ci/applications-multiple-sources-values.yaml create mode 100644 charts/argocd-apps/ci/applications-values.yaml create mode 100644 charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 422dc6867..1a2c09148 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.7 +version: 0.0.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: added + description: Multiple sources for Application and ApplicationSet diff --git a/charts/argocd-apps/ci/applications-multiple-sources-values.yaml b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml new file mode 100644 index 000000000..4d21403b4 --- /dev/null +++ b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml @@ -0,0 +1,28 @@ +# Test with multi-source applications + +applications: +- name: argocd-application-multiple-sources + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml new file mode 100644 index 000000000..4d708a16f --- /dev/null +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -0,0 +1,30 @@ +# Test with applications + +applications: +- name: argocd-application + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook + directory: + recurse: true + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + info: + - name: url + value: https://argoproj.github.io/ diff --git a/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml new file mode 100644 index 000000000..f1dd7cda8 --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml @@ -0,0 +1,24 @@ +# Test with multi-source applicationsets + +applicationsets: +- name: applicationset-multiple-sources + generators: + - list: + elements: + - cluster: default-cluster + url: https://kubernetes.default.svc + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: '{{url}}' + namespace: default diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index a76ed41a5..2258f422b 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -1,8 +1,7 @@ # Test with applicationsets applicationsets: -- name: guestbook - namespace: default # Only for test purpose. +- name: applicationset additionalLabels: {} additionalAnnotations: {} # See PR #10026 (ArgoCD v2.5 or later) diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index ea63fc25f..fee643d81 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -23,8 +23,14 @@ metadata: {{- end }} spec: project: {{ tpl .project $ }} + {{- with .source }} source: - {{- toYaml .source | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .sources }} + sources: + {{- toYaml . | nindent 4 }} + {{- end }} destination: {{- toYaml .destination | nindent 4 }} {{- with .syncPolicy }} diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index 20898d0a8..aa7a3b791 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -52,8 +52,14 @@ spec: {{- with .spec }} spec: project: {{ tpl .project $ }} + {{- with .source }} source: - {{- toYaml .source | nindent 8 }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .sources }} + sources: + {{- toYaml . | nindent 8 }} + {{- end }} destination: {{- toYaml .destination | nindent 8 }} {{- with .syncPolicy }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index b3eaa5d21..62a2509c4 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -15,6 +15,14 @@ applications: [] # path: guestbook # directory: # recurse: true +# # ArgoCD v2.6 or later +# sources: +# - chart: elasticsearch +# repoURL: https://helm.elastic.co +# targetRevision: 8.5.1 +# - repoURL: https://github.com/argoproj/argocd-example-apps.git +# path: guestbook +# targetRevision: HEAD # destination: # server: https://kubernetes.default.svc # namespace: guestbook From c08fc230d75c85b2c9a07138c5c7b7bc957b98df Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Thu, 9 Feb 2023 21:31:49 -0800 Subject: [PATCH 045/373] fix(argo-workflows): clean subresource permissions (#1835) --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 7 ++++++- .../templates/server/server-cluster-roles.yaml | 9 +++++++-- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8ba37092b..0fe6953a5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.10 +version: 0.22.11 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Workflows to v3.4.5 + description: Cleaned RBAC permissions for subresources (pods/log, pods/exec). diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34f91c0da..bb08306b8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -14,7 +14,6 @@ rules: - "" resources: - pods - - pods/exec verbs: - create - get @@ -23,6 +22,12 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create - apiGroups: - "" resources: diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index c3c4e6887..c7d18f50c 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -23,13 +23,18 @@ rules: - "" resources: - pods - - pods/exec - - pods/log verbs: - get - list - watch - delete +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - list {{- if .Values.server.sso }} - apiGroups: - "" From a915e774a53edfb76b654e214aa5de794bf419b2 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 13 Feb 2023 12:22:15 +0100 Subject: [PATCH 046/373] fix(argo-cd): Fix invalid progressive sync parameter (#1839) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 321bd3527..40aed46fc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.3 +version: 5.20.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.6.1 + - kind: fixed + description: Fixed invalid ApplicationSet progressive sync parameter diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 82324f4d1..ff99bd07e 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -136,7 +136,7 @@ spec: - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.progressive.rollouts + key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true {{- with .Values.applicationSet.extraEnvFrom }} From 4a56a4d7f019f61a4aa2ee348562998f1aa34870 Mon Sep 17 00:00:00 2001 From: nicogl Date: Tue, 14 Feb 2023 09:21:29 -0300 Subject: [PATCH 047/373] fix(argo-cd): Add quotes on Ingress Host to allow wildcards (#1841) * Add quotes on Ingress Host to allow wildcards Signed-off-by: nicogl * Update Chart.yaml Signed-off-by: nicogl --------- Signed-off-by: nicogl --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 40aed46fc..8bb57d7df 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.4 +version: 5.20.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Fixed invalid ApplicationSet progressive sync parameter + description: Fixed missing quotes on Ingress host diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 52269d0a1..0e064b0b3 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -29,7 +29,7 @@ spec: rules: {{- if .Values.server.ingress.hosts }} {{- range $host := .Values.server.ingress.hosts }} - - host: {{ $host }} + - host: {{ $host | quote }} http: paths: {{- with $extraPaths }} From d59ae7bd757f43ad73b118628c732f7da717e7de Mon Sep 17 00:00:00 2001 From: Loris Date: Wed, 15 Feb 2023 01:11:16 +0100 Subject: [PATCH 048/373] feat(argo-cd): Add dnsConfig and dnsPolicy for pods (#1773) feat(argo-cd): Add dnsConfig and dnsPolicy for pods (#1771) Signed-off-by: Loris Torikian Co-authored-by: Loris Torikian Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 14 +++++++++ charts/argo-cd/README.md.gotmpl | 1 + .../statefulset.yaml | 4 +++ .../argocd-applicationset/deployment.yaml | 5 +++ .../bots/slack/deployment.yaml | 5 +++ .../argocd-notifications/deployment.yaml | 5 +++ .../argocd-repo-server/deployment.yaml | 4 +++ .../templates/argocd-server/deployment.yaml | 4 +++ charts/argo-cd/templates/dex/deployment.yaml | 5 +++ .../argo-cd/templates/redis/deployment.yaml | 5 +++ charts/argo-cd/values.yaml | 31 +++++++++++++++++++ 12 files changed, 86 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8bb57d7df..8b857298a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.5 +version: 5.21.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed missing quotes on Ingress host + - kind: added + description: Allow dnsConfig pod configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 652620e55..fe1252106 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -466,6 +466,7 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.dnsConfig | object | `{}` | [DNS configuration] | | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | @@ -547,6 +548,7 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | @@ -649,6 +651,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | @@ -794,6 +797,8 @@ server: | dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | +| dex.dnsConfig | object | `{}` | [DNS configuration] | +| dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -869,6 +874,8 @@ server: | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | +| redis.dnsConfig | object | `{}` | [DNS configuration] | +| redis.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Redis server pods | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -979,6 +986,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.dnsConfig | object | `{}` | [DNS configuration] | +| applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | @@ -1058,6 +1067,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | +| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | +| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | | notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | @@ -1085,6 +1096,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | +| notifications.dnsConfig | object | `{}` | [DNS configuration] | +| notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | | notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | @@ -1145,6 +1158,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index fde0c0c88..6cec37321 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -521,6 +521,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 634431dd3..2ada23b4f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -313,4 +313,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.controller.hostNetwork }} + {{- with .Values.controller.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.controller.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ff99bd07e..ca129ffd3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -230,4 +230,9 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + {{- with .Values.applicationSet.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.applicationSet.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 90fcf78ce..b9949aab6 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -65,4 +65,9 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.bots.slack.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }} {{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 85d586ccc..474dc01da 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -121,4 +121,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- with .Values.notifications.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.notifications.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a39c007c3..67ad60f9e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -357,4 +357,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.repoServer.hostNetwork }} + {{- with .Values.repoServer.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.repoServer.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index b0ed47d4a..57d1305b1 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -422,4 +422,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.server.hostNetwork }} + {{- with .Values.server.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.server.dnsPolicy }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 1b3b43380..9acc08711 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -188,4 +188,9 @@ spec: {{- with .Values.dex.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.dex.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.dex.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 6f23e44e1..ff4b29b1d 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -128,4 +128,9 @@ spec: volumes: {{- toYaml . | nindent 8}} {{- end }} + {{- with .Values.redis.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.redis.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6e885f107..f444e21cf 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -589,6 +589,8 @@ controller: # -- Host Network for application controller pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for application controller pods dnsPolicy: "ClusterFirst" @@ -890,6 +892,11 @@ dex: # -- Metrics container port metrics: 5558 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Dex server pods + dnsPolicy: "ClusterFirst" + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1106,6 +1113,11 @@ redis: # -- Metrics container port metrics: 9121 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Redis server pods + dnsPolicy: "ClusterFirst" + # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1463,6 +1475,8 @@ server: # -- Host Network for Server pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for Server pods dnsPolicy: "ClusterFirst" @@ -1952,6 +1966,8 @@ repoServer: # -- Host Network for Repo server pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for Repo server pods dnsPolicy: "ClusterFirst" @@ -2279,6 +2295,11 @@ applicationSet: # -- Webhook container port webhook: 7000 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for ApplicationSet controller pods + dnsPolicy: "ClusterFirst" + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2549,6 +2570,11 @@ notifications: # -- Metrics container port metrics: 9001 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for notifications controller Pods + dnsPolicy: "ClusterFirst" + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: @@ -2930,6 +2956,11 @@ notifications: # -- Annotations applied to created service account annotations: {} + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Slack bot pods + dnsPolicy: "ClusterFirst" + # -- Slack bot container-level security Context # @default -- See [values.yaml] containerSecurityContext: From 70fd1b3fe64e127a28780c33dc25b7f9670be753 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 17 Feb 2023 17:23:33 +0900 Subject: [PATCH 049/373] chore(argo-cd): Upgrade Argo CD to v2.6.2 (#1844) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8b857298a..7519bc45f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.1 +appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.0 +version: 5.21.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Allow dnsConfig pod configuration + - kind: changed + description: Upgrade Argo CD to v2.6.2 From 51386c69be246d233d106ca97d33fda6b63b0caa Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 17 Feb 2023 17:38:17 +0100 Subject: [PATCH 050/373] feat(argo-cd): Add global affinity configuration (#1794) --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 23 +++++--- charts/argo-cd/README.md.gotmpl | 4 ++ charts/argo-cd/templates/_common.tpl | 54 +++++++++++++++++++ .../statefulset.yaml | 6 +-- .../argocd-applicationset/deployment.yaml | 6 +-- .../bots/slack/deployment.yaml | 6 +-- .../argocd-notifications/deployment.yaml | 6 +-- .../argocd-repo-server/deployment.yaml | 6 +-- .../templates/argocd-server/deployment.yaml | 6 +-- charts/argo-cd/templates/dex/deployment.yaml | 4 +- .../argo-cd/templates/redis/deployment.yaml | 4 +- charts/argo-cd/values.yaml | 25 +++++++++ 13 files changed, 115 insertions(+), 41 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7519bc45f..76bdbde6a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.1 +version: 5.22.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.6.2 + - kind: added + description: Global affinity configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fe1252106..2533c1802 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. @@ -381,6 +385,9 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -460,7 +467,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | @@ -529,7 +536,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | @@ -622,7 +629,7 @@ NAME: my-release | server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | -| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | @@ -785,7 +792,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | | dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | @@ -869,7 +876,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | redis.containerPorts.metrics | int | `9121` | Metrics container port | | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | @@ -979,7 +986,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | +| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | @@ -1063,9 +1070,9 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| notifications.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | | notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6cec37321..f450e0e7c 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f5154e47d..2ba53d8cc 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -63,3 +63,57 @@ app.kubernetes.io/instance: {{ .context.Release.Name }} app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} + +{{/* +Common affinity definition +Pod affinity + - Soft prefers different nodes + - Hard requires different nodes and prefers different availibility zones +Node affinity + - Soft prefers given user expressions + - Hard requires given user expressions +*/}} +{{- define "argo-cd.affinity" -}} +{{- with .component.affinity -}} + {{- toYaml . -}} +{{- else -}} +{{- $preset := .context.Values.global.affinity -}} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + {{- if (eq $preset.podAntiAffinity "soft") }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- else }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: topology.kubernetes.io/zone + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- end }} +{{- with $preset.nodeAffinity.matchExpressions }} +nodeAffinity: + {{- if (eq $preset.nodeAffinity.type "soft") }} + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + {{- toYaml . | nindent 6 }} + {{- else }} + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2ada23b4f..0a161362a 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -264,6 +264,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -272,10 +274,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ca129ffd3..462ebcbaa 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -198,14 +198,12 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.applicationSet.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index b9949aab6..2749cb2b4 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -53,14 +53,12 @@ spec: {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} securityContext: {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} {{- with .Values.notifications.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.bots.slack.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.bots.slack.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 474dc01da..5efc09653 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -88,14 +88,12 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} {{- with .Values.notifications.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 67ad60f9e..00e73d8a2 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -291,6 +291,8 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -299,10 +301,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.repoServer.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 57d1305b1..bb3940065 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -348,6 +348,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -356,10 +358,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.server.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9acc08711..7fea0b485 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -146,10 +146,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} {{- with .Values.dex.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ff4b29b1d..ffff4badc 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -106,10 +106,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} {{- with .Values.redis.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f444e21cf..b3706c5ab 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -92,12 +92,29 @@ global: # hostnames: # - git.myhostname + # Default network policy rules used by all components networkPolicy: # -- Create NetworkPolicy objects for all components create: false # -- Default deny all ingress traffic defaultDenyIngress: false + # Default affinity preset for all components + affinity: + # -- Default pod anti-affinity rules. Either: `soft` or `hard` + podAntiAffinity: soft + # Node affinity rules + nodeAffinity: + # -- Default node affinity rules. Either: `soft` or `hard` + type: hard + # -- Default match expressions for node affinity + matchExpressions: [] + # - key: topology.kubernetes.io/zone + # operator: In + # values: + # - antarctica-east1 + # - antarctica-west1 + ## Argo Configs configs: # General Argo CD configuration @@ -627,6 +644,7 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller @@ -965,6 +983,7 @@ dex: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex @@ -1136,6 +1155,7 @@ redis: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis @@ -1523,6 +1543,7 @@ server: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server @@ -2014,6 +2035,7 @@ repoServer: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server @@ -2349,6 +2371,7 @@ applicationSet: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. @@ -2594,6 +2617,7 @@ notifications: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Priority class for the notifications controller pods @@ -2983,6 +3007,7 @@ notifications: # memory: 128Mi # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- [Tolerations] for use with node taints From 63b741ed580be65282a957855787f94ffc00b3b1 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 19 Feb 2023 13:38:02 +0100 Subject: [PATCH 051/373] chore(argo-cd): Group component templates together (#1847) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/templates/_helpers.tpl | 100 +++++++++++++------------- 2 files changed, 53 insertions(+), 53 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 76bdbde6a..efd96096b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.22.0 +version: 5.22.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Global affinity configuration + - kind: changed + description: Grouped component templates together diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bd99fc9dd..76abc8d28 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -8,6 +8,17 @@ to 63 chars and it includes 10 chars of hash and a separating '-'. {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}} {{- end -}} +{{/* +Create the name of the controller service account to use +*/}} +{{- define "argo-cd.controllerServiceAccountName" -}} +{{- if .Values.controller.serviceAccount.create -}} + {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.controller.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create dex name and version as used by the chart label. */}} @@ -26,6 +37,17 @@ Create Dex server endpoint {{- printf "%s://%s:%d" $scheme $host $port }} {{- end }} +{{/* +Create the name of the dex service account to use +*/}} +{{- define "argo-cd.dexServiceAccountName" -}} +{{- if .Values.dex.serviceAccount.create -}} + {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.dex.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create redis name and version as used by the chart label. */}} @@ -53,56 +75,6 @@ Return Redis server endpoint {{- end }} {{- end -}} -{{/* -Create argocd server name and version as used by the chart label. -*/}} -{{- define "argo-cd.server.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd repo-server name and version as used by the chart label. -*/}} -{{- define "argo-cd.repoServer.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd application set name and version as used by the chart label. -*/}} -{{- define "argo-cd.applicationSet.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd notifications name and version as used by the chart label. -*/}} -{{- define "argo-cd.notifications.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the controller service account to use -*/}} -{{- define "argo-cd.controllerServiceAccountName" -}} -{{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.controller.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the dex service account to use -*/}} -{{- define "argo-cd.dexServiceAccountName" -}} -{{- if .Values.dex.serviceAccount.create -}} - {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.dex.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Create the name of the redis service account to use */}} @@ -114,6 +86,13 @@ Create the name of the redis service account to use {{- end -}} {{- end -}} +{{/* +Create argocd server name and version as used by the chart label. +*/}} +{{- define "argo-cd.server.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the Argo CD server service account to use */}} @@ -125,6 +104,13 @@ Create the name of the Argo CD server service account to use {{- end -}} {{- end -}} +{{/* +Create argocd repo-server name and version as used by the chart label. +*/}} +{{- define "argo-cd.repoServer.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the repo-server service account to use */}} @@ -136,6 +122,13 @@ Create the name of the repo-server service account to use {{- end -}} {{- end -}} +{{/* +Create argocd application set name and version as used by the chart label. +*/}} +{{- define "argo-cd.applicationSet.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the application set service account to use */}} @@ -147,6 +140,13 @@ Create the name of the application set service account to use {{- end -}} {{- end -}} +{{/* +Create argocd notifications name and version as used by the chart label. +*/}} +{{- define "argo-cd.notifications.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the notifications service account to use */}} From 99932a96c28af3d06432ace85dc00b52abcbae5d Mon Sep 17 00:00:00 2001 From: Vadim Grek Date: Tue, 21 Feb 2023 03:14:33 +0200 Subject: [PATCH 052/373] chore(argo-events): Upgrade Argo Events to v1.7.6 (#1849) --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 160f6cf63..9318cb850 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.5 +appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.2 +version: 2.1.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Events to v1.7.6 From 2ae7e1ad0dc7a7cb64a1bf03c38a151f207291d3 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 23 Feb 2023 17:57:15 +0100 Subject: [PATCH 053/373] chore(argo-cd): Remove notification bot (#1854) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 26 ----- charts/argo-cd/templates/_helpers.tpl | 11 -- .../bots/slack/deployment.yaml | 71 ------------ .../argocd-notifications/bots/slack/pdb.yaml | 26 ----- .../argocd-notifications/bots/slack/role.yaml | 27 ----- .../bots/slack/rolebinding.yaml | 13 --- .../bots/slack/service.yaml | 19 ---- .../bots/slack/serviceaccount.yaml | 15 --- charts/argo-cd/values.yaml | 105 ------------------ 10 files changed, 3 insertions(+), 316 deletions(-) delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index efd96096b..2d1a2cc3c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.22.1 +version: 5.23.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Grouped component templates together + - kind: removed + description: Removed notification bot that is no longer supported diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2533c1802..6b2a88af7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1072,32 +1072,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | -| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | -| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | -| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | -| notifications.bots.slack.enabled | bool | `false` | Enable slack bot | -| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | -| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | -| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | -| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | -| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` | -| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` | -| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | -| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | -| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | -| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb | -| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | -| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | -| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | -| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | -| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | -| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 76abc8d28..377a07e12 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -158,17 +158,6 @@ Create the name of the notifications service account to use {{- end -}} {{- end -}} -{{/* -Create the name of the notifications bots slack service account to use -*/}} -{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}} -{{- if .Values.notifications.bots.slack.serviceAccount.create -}} - {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.notifications.bots.slack.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml deleted file mode 100644 index 2749cb2b4..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ /dev/null @@ -1,71 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - name: {{ template "argo-cd.notifications.fullname" . }}-bot - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} -spec: - replicas: 1 - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - strategy: - type: Recreate - selector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} - template: - metadata: - labels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }} - spec: - {{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.global.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "argo-cd.notificationsBotsSlackServiceAccountName" . }} - containers: - - name: {{ include "argo-cd.notifications.fullname" . }}-bot - image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }} - command: - - argocd-notifications - - bot - - --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }} - - --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }} - {{- range .Values.notifications.bots.slack.extraArgs }} - - {{ . | squote }} - {{- end }} - workingDir: /app - ports: - - containerPort: 8080 - name: http - resources: - {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} - securityContext: - {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} - affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} - {{- with .Values.notifications.bots.slack.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml deleted file mode 100644 index 60df983e8..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "argo-cd.notifications.fullname" . }}-bot - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} - {{- with .Values.notifications.bots.slack.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.notifications.bots.slack.pdb.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - {{- with .Values.notifications.bots.slack.pdb.maxUnavailable }} - maxUnavailable: {{ . }} - {{- else }} - minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }} - {{- end }} - selector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml deleted file mode 100644 index 26df5b9c7..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml deleted file mode 100644 index 80813f5e4..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "argo-cd.notifications.fullname" . }}-bot -subjects: -- kind: ServiceAccount - name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml deleted file mode 100644 index 5cbbd2b14..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot - {{- if .Values.notifications.bots.slack.service.annotations }} - annotations: - {{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }} - {{- end }} -spec: - ports: - - name: http - port: {{ .Values.notifications.bots.slack.service.port }} - protocol: TCP - targetPort: http - selector: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} - type: {{ .Values.notifications.bots.slack.service.type }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml deleted file mode 100644 index bdffa2cf8..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} -{{- if .Values.notifications.bots.slack.serviceAccount.annotations }} - annotations: - {{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b3706c5ab..1c6837d7a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2910,108 +2910,3 @@ notifications: # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers # defaultTriggers: | # - on-sync-status-unknown - - ## The optional bot component simplifies managing subscriptions - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ - bots: - slack: - # -- Enable slack bot - ## You have to set secret.notifiers.slack.signingSecret - enabled: false - - ## Slack bot Pod Disruption Budget - ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - pdb: - # -- Deploy a [PodDisruptionBudget] for the Slack bot - enabled: false - # -- Labels to be added to Slack bot pdb - labels: {} - # -- Annotations to be added to Slack bot pdb - annotations: {} - # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) - # @default -- `""` (defaults to 0 if not specified) - minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). - ## Has higher precedence over `notifications.bots.slack.pdb.minAvailable` - maxUnavailable: "" - - ## Slack bot image - image: - # -- Repository to use for the Slack bot - # @default -- `""` (defaults to global.image.repository) - repository: "" - # -- Tag to use for the Slack bot - # @default -- `""` (defaults to global.image.tag) - tag: "" - # -- Image pull policy for the Slack bot - # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" - - # -- Secrets with credentials to pull images from a private registry - # @default -- `[]` (defaults to global.imagePullSecrets) - imagePullSecrets: [] - - # -- Slack bot log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- Slack bot log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - # -- List of extra cli args to add for Slack bot - extraArgs: [] - - service: - # -- Service annotations for Slack bot - annotations: {} - # -- Service port for Slack bot - port: 80 - # -- Service type for Slack bot - type: LoadBalancer - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-bot - - # -- Annotations applied to created service account - annotations: {} - - # -- [DNS configuration] - dnsConfig: {} - # -- Alternative DNS policy for Slack bot pods - dnsPolicy: "ClusterFirst" - - # -- Slack bot container-level security Context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for the Slack bot - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # -- Assign custom [affinity] rules - # @default -- `{}` (defaults to global.affinity preset) - affinity: {} - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- [Node selector] - nodeSelector: {} From 4735ea5cfb536a67392a4efc1ca8d4387639384f Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 23 Feb 2023 11:44:01 -0600 Subject: [PATCH 054/373] chore(argo-workflows): Update docs to mention why CRDs are in templates folder (#1857) Closes #1785 Borrowed `Custom resource definition` from argo-cd helm chart README and added it to argo-workflows helm chart README Signed-off-by: jmeridth --- CONTRIBUTING.md | 2 +- README.md | 21 +++++++++++++++++++-- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 15 +++++++++++++++ charts/argo-workflows/README.md.gotmpl | 15 +++++++++++++++ 5 files changed, 52 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 535bbbb39..1f7745b5f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -122,7 +122,7 @@ helm install charts/argo-workflows -n argo argo version ``` -Follow this instructions for running a hello world workflow. +Follow [these](https://argoproj.github.io/argo-workflows/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow. ### Testing Argo CD Changes diff --git a/README.md b/README.md index 1d96a35fa..210b9a83a 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: -``` +```bash helm repo add argo https://argoproj.github.io/argo-helm ``` @@ -15,10 +15,27 @@ helm repo add argo https://argoproj.github.io/argo-helm We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of the main four charts (argo-cd, argo-workflows, argo-events, argo-rollouts) by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `/templates` to address this design decision. + +If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +Example: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" + +# Eg. version v2.4.9 +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" +``` + ### Security Policy If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). ### Changelog -Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). \ No newline at end of file +Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0fe6953a5..5891ca58b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.11 +version: 0.22.12 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Cleaned RBAC permissions for subresources (pods/log, pods/exec). + description: Update documentation to explain why CRDs are in templates folder diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 19bc0ee21..78d5780b4 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -13,6 +13,21 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `/templates` to address this design decision. + +If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=" + +# Eg. version v3.3.9 +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index a263139bd..0a441821f 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -13,6 +13,21 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `/templates` to address this design decision. + +If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=" + +# Eg. version v3.3.9 +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. From 88b92909e6b97bddce6c61f655a9ae677c743600 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 23 Feb 2023 19:11:54 +0100 Subject: [PATCH 055/373] chore(argo-cd): Add missing hostAliases to all components (#1848) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 10 +++++----- .../templates/argocd-applicationset/deployment.yaml | 8 ++++---- .../templates/argocd-notifications/deployment.yaml | 4 ++++ .../templates/argocd-repo-server/deployment.yaml | 11 +++++------ .../argo-cd/templates/argocd-server/deployment.yaml | 10 +++++----- charts/argo-cd/templates/dex/deployment.yaml | 10 +++++----- charts/argo-cd/templates/redis/deployment.yaml | 4 ++++ 8 files changed, 35 insertions(+), 28 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2d1a2cc3c..2998c691e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.0 +version: 5.23.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: removed - description: Removed notification bot that is no longer supported + - kind: added + description: Missing hostAliases for notification controller and redis diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0a161362a..f8460906b 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -37,10 +37,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - command: - argocd-application-controller @@ -285,11 +290,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.controller.volumes }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 462ebcbaa..6011cd0ba 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -35,15 +35,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 5efc09653..e3e7968b7 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -37,6 +37,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 00e73d8a2..28bd3b6dc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -40,11 +40,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} @@ -312,11 +316,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index bb3940065..ea3d3a6ed 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -37,10 +37,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} @@ -369,11 +374,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 7fea0b485..d2189cc37 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -39,10 +39,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with.Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -159,11 +164,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: - name: static-files emptyDir: {} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ffff4badc..e23fe46ca 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -36,6 +36,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.redis.securityContext }} securityContext: {{- toYaml . | nindent 8 }} From f66c40319a280abcf1e831f57ed1190ec264a05b Mon Sep 17 00:00:00 2001 From: Jonathan Muller Date: Fri, 24 Feb 2023 22:56:41 +0100 Subject: [PATCH 056/373] chore(argo-workflows): expose option to control the log format/level (#1855) * Allow to change the log format to json Signed-off-by: Jonathan Muller * Documentation, version Signed-off-by: Jonathan Muller --------- Signed-off-by: Jonathan Muller --- charts/argo-workflows/Chart.yaml | 12 +++++++++--- charts/argo-workflows/README.md | 4 ++++ .../controller/workflow-controller-deployment.yaml | 2 ++ .../templates/server/server-deployment.yaml | 6 ++++++ charts/argo-workflows/values.yaml | 10 ++++++++++ 5 files changed, 31 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 5891ca58b..b5f882111 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.12 +version: 0.22.13 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,11 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Update documentation to explain why CRDs are in templates folder + - kind: added + description: Added workflow startup option --log-format (defaults to 'text'). + - kind: added + description: Added server startup option --log-format (defaults to 'text'). + - kind: added + description: Added server startup option --loglevel (defaults to 'info'). + - kind: added + description: Added server startup option --gloglevel (defaults to '0'). diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 78d5780b4..d6fa862c0 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -106,6 +106,7 @@ Fields to note: | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.globallevel | string | `"0"` | Set the glog logging level | | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | @@ -214,6 +215,9 @@ Fields to note: | server.ingress.tls | list | `[]` | Ingress TLS configuration | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | +| server.logging.globallevel | string | `"0"` | Set the glog logging level | +| server.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | server.name | string | `"server"` | Server name string | | server.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | server.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the server pods | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index b90122ca2..8f4f783f2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -46,6 +46,8 @@ spec: - "{{ .Values.controller.logging.level }}" - "--gloglevel" - "{{ .Values.controller.logging.globallevel }}" + - "--log-format" + - "{{ .Values.controller.logging.format }}" {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 70b1495c8..e5230cd0d 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -49,6 +49,12 @@ spec: {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} + - "--loglevel" + - "{{ .Values.server.logging.level }}" + - "--gloglevel" + - "{{ .Values.server.logging.globallevel }}" + - "--log-format" + - "{{ .Values.server.logging.format }}" ports: - name: web containerPort: 2746 diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bb102c8be..904d766b5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -216,6 +216,8 @@ controller: level: info # -- Set the glog logging level globallevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" # -- Service type of the controller Service serviceType: ClusterIP @@ -469,6 +471,14 @@ server: # extraArgs: # - --auth-mode=server + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the glog logging level + globallevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" + # -- Additional volume mounts to the server main container. volumeMounts: [] # -- Additional volumes to the server pod. From 4f48352af1067cd18908cccf8a1e2e9ebb386cd8 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 24 Feb 2023 18:26:24 -0600 Subject: [PATCH 057/373] fix(github): Replace deprecated set-output from github-actions (#1860) fix(github): Remove deprecated set-output from github-actions Warning in GitHub Actions: ``` Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ ``` Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 33942db01..0158f3fa3 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,8 +38,8 @@ jobs: changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then - echo "::set-output name=changed::true" - echo "::set-output name=changed_charts::$charts" + echo "changed=true" >> $GITHUB_STATE + echo "changed_charts=$charts" >> $GITHUB_STATE fi - name: Run chart-testing (lint) From 3a6617ce8f76284776486007cf3279501068cc83 Mon Sep 17 00:00:00 2001 From: Juan Carrillo Date: Sun, 26 Feb 2023 10:34:01 -0600 Subject: [PATCH 058/373] fix(argo-cd): Fix typo in values.yaml (#1862) Signed-off-by: Juan Carrillo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 14 +++++++------- charts/argo-cd/values.yaml | 18 +++++++++--------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2998c691e..138e7c666 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.1 +version: 5.23.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Missing hostAliases for notification controller and redis + - kind: fixed + description: Fixed typos in values.yaml and README.md diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6b2a88af7..3cc94e791 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -509,7 +509,7 @@ NAME: my-release | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | -| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | @@ -592,7 +592,7 @@ NAME: my-release | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | -| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | @@ -642,7 +642,7 @@ NAME: my-release | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | -| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | +| server.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` | | server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | | server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | @@ -725,7 +725,7 @@ NAME: my-release | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | -| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | @@ -955,7 +955,7 @@ The main options are listed here: | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | -| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | +| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | @@ -1033,7 +1033,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | -| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | @@ -1112,7 +1112,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | | notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | -| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1c6837d7a..d7c5c8536 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -499,7 +499,7 @@ controller: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `controller.pdb.minAvailable` maxUnavailable: "" @@ -623,7 +623,7 @@ controller: drop: - ALL - # Rediness probe for application controller + # Readiness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded @@ -1243,7 +1243,7 @@ redis-ha: # -- Tag to use for the redis-exporter tag: 1.45.0 persistentVolume: - # -- Configures persistency on Redis nodes + # -- Configures persistence on Redis nodes enabled: false redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated @@ -1342,7 +1342,7 @@ server: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `server.pdb.minAvailable` maxUnavailable: "" @@ -1380,7 +1380,7 @@ server: lifecycle: {} ## Argo UI extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## This function in tech preview stage, do expect instability or breaking changes in newer versions. ## Ref: https://github.com/argoproj-labs/argocd-extensions extensions: # -- Enable support for Argo UI extensions @@ -1583,7 +1583,7 @@ server: group: "" # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` kind: "" - # -- Certificate isser name. Eg. `letsencrypt` + # -- Certificate issuer name. Eg. `letsencrypt` name: "" # Private key of the certificate privateKey: @@ -1885,7 +1885,7 @@ repoServer: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `repoServer.pdb.minAvailable` maxUnavailable: "" @@ -2171,7 +2171,7 @@ applicationSet: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `applicationSet.pdb.minAvailable` maxUnavailable: "" @@ -2445,7 +2445,7 @@ notifications: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `notifications.pdb.minAvailable` maxUnavailable: "" From fdebbabf173f5b1f78f78d8113be0399c09f653c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 28 Feb 2023 17:31:51 +0900 Subject: [PATCH 059/373] chore(argo-cd): Upgrade Argo CD to v2.6.3 (#1868) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 138e7c666..5d082b2bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.2 +appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.2 +version: 5.23.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed typos in values.yaml and README.md + - kind: changed + description: Upgrade Argo CD to v.2.6.3 From c21aa4c86ab4b03f52653b6b35087ce1fec29cd0 Mon Sep 17 00:00:00 2001 From: ugoogalizer Date: Wed, 1 Mar 2023 08:53:17 +1100 Subject: [PATCH 060/373] fix(argo-cd): Added pod exec permission to argo-server Role when exec.enabled is True. (#1867) * Added pods exec to role permissions The argocd-server Role requires the pods/exec create permission in order to be able to start the web based terminal as per: https://argo-cd.readthedocs.io/en/stable/operator-manual/web_based_terminal/ This brings the Role in line with the ClusterRole change already made Signed-off-by: ugoogalizer * bumped version Signed-off-by: ugoogalizer * Added description of change Signed-off-by: ugoogalizer * Removed trailing whitespace Signed-off-by: ugoogalizer --------- Signed-off-by: ugoogalizer Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 8 ++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5d082b2bd..cd17b7ce3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.3 +version: 5.23.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v.2.6.3 + - kind: added + description: Added pod exec permission to argo-server Role when exec.enabled is True. diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index f4c5d533e..477aa7a30 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -42,3 +42,11 @@ rules: verbs: - create - list +{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} +- apiGroups: + - "" +resources: + - pods/exec +verbs: + - create +{{- end }} From 7b499adc8b59a0561962c6cf4310507e4bb26b2a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 1 Mar 2023 00:30:03 +0100 Subject: [PATCH 061/373] fix(argo-cd): Fix indentation for argocd-server role (#1871) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cd17b7ce3..412180ce5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.4 +version: 5.23.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Added pod exec permission to argo-server Role when exec.enabled is True. + - kind: fixed + description: Indentation for argo-server role when exec.enabled is True. diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 477aa7a30..16164a9a4 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -45,8 +45,8 @@ rules: {{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} - apiGroups: - "" -resources: + resources: - pods/exec -verbs: + verbs: - create {{- end }} From 053a338ea9f2c85ed5df37409d4ab1352c43c419 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 2 Mar 2023 15:28:23 +0100 Subject: [PATCH 062/373] feat(argo-cd): Add additional global parameters for scheduling (#1846) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 16 ++- charts/argo-cd/README.md | 69 ++++++---- charts/argo-cd/README.md.gotmpl | 7 +- charts/argo-cd/templates/_common.tpl | 15 +- .../statefulset.yaml | 16 ++- .../argocd-applicationset/deployment.yaml | 19 ++- .../argocd-notifications/deployment.yaml | 23 +++- .../argocd-repo-server/deployment.yaml | 16 ++- .../templates/argocd-server/deployment.yaml | 16 ++- charts/argo-cd/templates/dex/deployment.yaml | 20 +-- .../argo-cd/templates/redis/deployment.yaml | 16 ++- charts/argo-cd/values.yaml | 130 +++++++++++++----- 12 files changed, 248 insertions(+), 115 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 412180ce5..2760c828b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.5 +version: 5.24.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,15 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Indentation for argo-server role when exec.enabled is True. + - kind: added + description: Global nodeSelector configuration + - kind: added + description: Global tolerations configuration + - kind: added + description: Global topologySpreadConstraints configuration + - kind: added + description: Missing component level topologySpreadConstraints configuration + - kind: added + description: Missing component level priorityClassName configuration + - kind: changed + description: Global affinity preset can be disabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3cc94e791..21a945fa8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,7 +105,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. -### 5.21.0 +### 5.24.0 + +This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +Default `global.affinity` rules can be disabled when `none` value is used for the preset. + +### 5.22.0 This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. @@ -386,8 +391,8 @@ NAME: my-release |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | -| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | -| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -398,11 +403,15 @@ NAME: my-release | global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | +| global.nodeSelector | object | `{}` | Default node selector for all components | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.priorityClassName | string | `""` | Default priority class for all components | | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | +| global.tolerations | object | `{}` | Default tolerations for all components | +| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs @@ -505,7 +514,7 @@ NAME: my-release | controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | controller.name | string | `"application-controller"` | Application controller name string | -| controller.nodeSelector | object | `{}` | [Node selector] | +| controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | @@ -513,7 +522,7 @@ NAME: my-release | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | -| controller.priorityClassName | string | `""` | Priority class for the application controller pods | +| controller.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the application controller pods | | controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -527,8 +536,8 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | -| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | -| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | +| controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | | controller.volumes | list | `[]` | Additional volumes to the application controller pod | @@ -588,7 +597,7 @@ NAME: my-release | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | repoServer.name | string | `"repo-server"` | Repo server name | -| repoServer.nodeSelector | object | `{}` | [Node selector] | +| repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | @@ -596,7 +605,7 @@ NAME: my-release | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | -| repoServer.priorityClassName | string | `""` | Priority class for the repo server | +| repoServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the repo server pods | | repoServer.rbac | list | `[]` | Repo server rbac rules | | repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -614,8 +623,8 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | -| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints | -| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | @@ -721,7 +730,7 @@ NAME: my-release | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | server.name | string | `"server"` | Argo CD server name | -| server.nodeSelector | object | `{}` | [Node selector] | +| server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | @@ -729,7 +738,7 @@ NAME: my-release | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | -| server.priorityClassName | string | `""` | Priority class for the Argo CD server | +| server.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the Argo CD server pods | | server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -761,8 +770,8 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | -| server.tolerations | list | `[]` | [Tolerations] for use with node taints | -| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | +| server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | | server.volumes | list | `[]` | Additional volumes to the server pod | @@ -840,7 +849,7 @@ server: | dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | dex.name | string | `"dex-server"` | Dex name | -| dex.nodeSelector | object | `{}` | [Node selector] | +| dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | | dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server | | dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb | @@ -848,7 +857,7 @@ server: | dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | | dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | -| dex.priorityClassName | string | `""` | Priority class for dex | +| dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods | | dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 | | dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -865,8 +874,8 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | -| dex.tolerations | list | `[]` | [Tolerations] for use with node taints | -| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex | +| dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | | dex.volumes | list | `[]` | Additional volumes to the dex pod | @@ -917,7 +926,7 @@ server: | redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | redis.name | string | `"redis"` | Redis name | -| redis.nodeSelector | object | `{}` | [Node selector] | +| redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb | | redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis | | redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb | @@ -925,7 +934,7 @@ server: | redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | -| redis.priorityClassName | string | `""` | Priority class for redis | +| redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods | | redis.resources | object | `{}` | Resource limits and requests for redis | | redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | @@ -935,8 +944,8 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | -| redis.tolerations | list | `[]` | [Tolerations] for use with node taints | -| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis | +| redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | | redis.volumes | list | `[]` | Additional volumes to the redis pod | @@ -1029,7 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | -| applicationSet.nodeSelector | object | `{}` | [Node selector] | +| applicationSet.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | @@ -1037,7 +1046,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | -| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | +| applicationSet.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the ApplicationSet controller pods | | applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1055,7 +1064,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | -| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | +| applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | | applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | @@ -1107,7 +1117,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | -| notifications.nodeSelector | object | `{}` | [Node selector] | +| notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | @@ -1116,7 +1126,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | -| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods | +| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods | | notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | @@ -1128,7 +1138,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | -| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | +| notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | ---------------------------------------------- diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f450e0e7c..945bab728 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,7 +104,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. -### 5.21.0 +### 5.24.0 + +This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +Default `global.affinity` rules can be disabled when `none` value is used for the preset. + +### 5.22.0 This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index 2ba53d8cc..dd43d0d5f 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -78,16 +78,18 @@ Node affinity {{- toYaml . -}} {{- else -}} {{- $preset := .context.Values.global.affinity -}} +{{- if (eq $preset.podAntiAffinity "soft") }} podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - {{- if (eq $preset.podAntiAffinity "soft") }} - weight: 100 podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} topologyKey: kubernetes.io/hostname - {{- else }} +{{- else if (eq $preset.podAntiAffinity "hard") }} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: @@ -99,21 +101,22 @@ podAntiAffinity: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} topologyKey: kubernetes.io/hostname - {{- end }} +{{- end }} {{- with $preset.nodeAffinity.matchExpressions }} +{{- if (eq $preset.nodeAffinity.type "soft") }} nodeAffinity: - {{- if (eq $preset.nodeAffinity.type "soft") }} preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: {{- toYaml . | nindent 6 }} - {{- else }} +{{- else if (eq $preset.nodeAffinity.type "hard") }} +nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: {{- toYaml . | nindent 6 }} - {{- end }} +{{- end }} {{- end -}} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index f8460906b..ad8cbc1b7 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - command: @@ -269,17 +272,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} - {{- with .Values.controller.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.tolerations }} + {{- with .Values.controller.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.topologySpreadConstraints }} + {{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -307,9 +312,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.controller.hostNetwork }} {{- with .Values.controller.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6011cd0ba..bbf8d160d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -43,6 +43,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} @@ -198,8 +201,10 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} + {{- trim . | nindent 8 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -208,8 +213,16 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.applicationSet.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.applicationSet.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.applicationSet.extraVolumes }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index e3e7968b7..45ba1de0b 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} @@ -92,18 +95,28 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} - {{- with .Values.notifications.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.tolerations }} + {{- with .Values.notifications.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.notifications.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.notifications.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.notifications.extraVolumes }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 28bd3b6dc..3e22a00d4 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -48,6 +48,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} @@ -295,17 +298,19 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} - {{- with .Values.repoServer.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.tolerations }} + {{- with .Values.repoServer.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.topologySpreadConstraints }} + {{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -350,9 +355,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.repoServer.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.repoServer.hostNetwork }} {{- with .Values.repoServer.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ea3d3a6ed..bb2f750b4 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} @@ -353,17 +356,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} - {{- with .Values.server.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.tolerations }} + {{- with .Values.server.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.topologySpreadConstraints }} + {{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -416,9 +421,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.server.hostNetwork }} {{- with .Values.server.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index d2189cc37..fd5e00d9d 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -47,7 +47,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }} + {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -143,17 +146,19 @@ spec: {{- with .Values.dex.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.dex.nodeSelector }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.tolerations }} + {{- with .Values.dex.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} - {{- with .Values.dex.topologySpreadConstraints }} + {{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -183,9 +188,6 @@ spec: {{- with .Values.dex.volumes }} {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.dex.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- with .Values.dex.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index e23fe46ca..389cf678a 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -44,6 +44,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} @@ -102,17 +105,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.redis.nodeSelector }} + {{- with .Values.redis.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.tolerations }} + {{- with .Values.redis.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redis) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} - {{- with .Values.redis.topologySpreadConstraints }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.redis.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -123,9 +128,6 @@ spec: {{- end }} {{- end }} {{- end }} - {{- with .Values.redis.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- with .Values.redis.volumes }} volumes: {{- toYaml . | nindent 8}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d7c5c8536..3cc933a62 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -99,13 +99,22 @@ global: # -- Default deny all ingress traffic defaultDenyIngress: false + # -- Default priority class for all components + priorityClassName: "" + + # -- Default node selector for all components + nodeSelector: {} + + # -- Default tolerations for all components + tolerations: {} + # Default affinity preset for all components affinity: - # -- Default pod anti-affinity rules. Either: `soft` or `hard` + # -- Default pod anti-affinity rules. Either: `none`, `soft` or `hard` podAntiAffinity: soft # Node affinity rules nodeAffinity: - # -- Default node affinity rules. Either: `soft` or `hard` + # -- Default node affinity rules. Either: `none`, `soft` or `hard` type: hard # -- Default match expressions for node affinity matchExpressions: [] @@ -115,6 +124,15 @@ global: # - antarctica-east1 # - antarctica-west1 + # -- Default [TopologySpreadConstraints] rules for all components + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector of the component + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + ## Argo Configs configs: # General Argo CD configuration @@ -637,10 +655,16 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- Priority class for the application controller pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules to the deployment @@ -648,15 +672,13 @@ controller: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for the application controller pods - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule serviceAccount: # -- Create a service account for the application controller @@ -978,24 +1000,30 @@ dex: # -- Service port for metrics access servicePortMetrics: 5558 + # -- Priority class for the dex pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for dex - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule ## Redis redis: @@ -1148,10 +1176,16 @@ redis: # -- Redis service port servicePort: 6379 + # -- Priority class for redis pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules to the deployment @@ -1159,15 +1193,13 @@ redis: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for redis - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule serviceAccount: # -- Create a service account for the redis pod @@ -1538,24 +1570,30 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- Priority class for the Argo CD server pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for the Argo CD server - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server @@ -2031,22 +2069,28 @@ repoServer: timeoutSeconds: 1 # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule - # -- Priority class for the repo server + # -- Priority class for the repo server pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" # TLS certificate configuration via Secret @@ -2365,16 +2409,28 @@ applicationSet: failureThreshold: 3 # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules # @default -- `{}` (defaults to global.affinity preset) affinity: {} - # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. + # -- Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + # -- Priority class for the ApplicationSet controller pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" ## Webhook for the Git Generator @@ -2611,16 +2667,28 @@ notifications: - ALL # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules # @default -- `{}` (defaults to global.affinity preset) affinity: {} + # -- Assign custom [TopologySpreadConstraints] rules to the application controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- Priority class for the notifications controller pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" serviceAccount: From 037d3a9e769749ac49d3d6e7dac5417fd673ac7f Mon Sep 17 00:00:00 2001 From: Sergi Alonso <45431066+sergialonsaco@users.noreply.github.com> Date: Thu, 2 Mar 2023 15:56:41 +0100 Subject: [PATCH 063/373] fix(argocd-apps): Add revisionHistoryLimit option to apps (#1874) --- charts/argocd-apps/Chart.yaml | 2 +- charts/argocd-apps/ci/applications-values.yaml | 1 + charts/argocd-apps/templates/applications.yaml | 3 +++ charts/argocd-apps/values.yaml | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 1a2c09148..2f7a6d5cc 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.8 +version: 0.0.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 4d708a16f..9d8b21bfb 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,7 @@ applications: automated: prune: false selfHeal: false + revisionHistoryLimit: null ignoreDifferences: - group: apps kind: Deployment diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index fee643d81..df0ea5eb8 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,6 +37,9 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .revisionHistoryLimit }} + revisionHistoryLimit: {{ . }} + {{- end }} {{- with .ignoreDifferences }} ignoreDifferences: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 62a2509c4..eb0767b95 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,7 @@ applications: [] # automated: # prune: false # selfHeal: false +# revisionHistoryLimit: null # ignoreDifferences: # - group: apps # kind: Deployment From 9663ca2fbdc060166fba7ce19898431c3e5e2b85 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 3 Mar 2023 00:02:33 +0900 Subject: [PATCH 064/373] chore(argo-rollouts): Upgrade Argo Rollouts to v.1.4.1 (#1877) * chore(argo-rollouts): Upgrade Argo Rollouts to v.1.4.1 Signed-off-by: yu-croco * chore(argo-rollouts): Add update information Signed-off-by: yu-croco --------- Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 10 ++++++---- charts/argo-rollouts/README.md | 5 +++++ charts/argo-rollouts/README.md.gotmpl | 5 +++++ 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2beb83ffa..a5e8e9c59 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.4.0 +appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.2 +version: 2.22.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,7 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Rollouts to v.1.4.1 + - kind: added + description: Put Changelog URL on README.md diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 73581f4ee..ee3821bf0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r |:---------------------------------------------------------------------------| | The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +## Changelog + +For full list of changes please check ArtifactHub [changelog]. + ## Chart Values ### General parameters @@ -188,3 +192,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 1a587350f..735dae2c5 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r |:---------------------------------------------------------------------------| | The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +## Changelog + +For full list of changes please check ArtifactHub [changelog]. + ## Chart Values ### General parameters @@ -100,3 +104,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog From 77d9214543eda5c963ab80c2da99b295c6489bba Mon Sep 17 00:00:00 2001 From: Ian Martin Date: Fri, 3 Mar 2023 10:53:18 -0700 Subject: [PATCH 065/373] fix(argo-cd): ApplicationSet deployment uses global tolerations (#1881) * ApplicationSet deployment uses global tolerations Fixes #1880 Signed-off-by: Ian Martin * Bump chart version, add artifacthub annotations Signed-off-by: Ian Martin * correct change entry Signed-off-by: Ian Martin --------- Signed-off-by: Ian Martin --- charts/argo-cd/Chart.yaml | 16 +++------------- .../argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2760c828b..8e1e29f65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.0 +version: 5.24.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,15 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Global nodeSelector configuration - - kind: added - description: Global tolerations configuration - - kind: added - description: Global topologySpreadConstraints configuration - - kind: added - description: Missing component level topologySpreadConstraints configuration - - kind: added - description: Missing component level priorityClassName configuration - - kind: changed - description: Global affinity preset can be disabled + - kind: fixed + description: ApplicationSet utilizes global tolerations diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index bbf8d160d..c737fb5ea 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -209,7 +209,7 @@ spec: nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.tolerations }} + {{- with .Values.applicationSet.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} From a7a4294a99f20bedc9e90baadfb19a058298703a Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 6 Mar 2023 13:00:30 -0600 Subject: [PATCH 066/373] chore(github): Add slack button to README (#1887) * chore(github): Add slack button to README Signed-off-by: jmeridth * Update README.md Co-authored-by: Marco Kilchhofer Signed-off-by: Jason Meridth --------- Signed-off-by: jmeridth Signed-off-by: Jason Meridth Co-authored-by: Marco Kilchhofer --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 210b9a83a..ac71eb3ef 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Argo Helm Charts +[![Slack](https://img.shields.io/badge/slack-%23argo--helm--charts-brightgreen.svg?logo=slack)](https://argoproj.github.io/community/join-slack) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) From 16fe47b908909141d46046d6cc98b1141f9dfd7a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 8 Mar 2023 16:12:58 +0900 Subject: [PATCH 067/373] chore(argo-cd): Upgrade Argo CD v2.6.4 (#1891) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e1e29f65..cc699d336 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.3 +appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.1 +version: 5.24.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: ApplicationSet utilizes global tolerations + - kind: changed + description: Upgrade Argo CD v2.6.4 From 832a1e5c109fe6e4b0134a3bd7371671dbf0ddca Mon Sep 17 00:00:00 2001 From: TheRealNoob Date: Wed, 8 Mar 2023 01:46:33 -0600 Subject: [PATCH 068/373] fix(argo-cd): Clarify syntax in values.yaml (#1864) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/values.yaml | 16 +++++++++++----- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cc699d336..bf4ed7375 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.2 +version: 5.24.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD v2.6.4 + - kind: fixed + description: Clarify syntax in values.yaml diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 21a945fa8..63806eb26 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -497,7 +497,11 @@ NAME: my-release | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.rules.additionalLabels | object | `{}` | PrometheusRule labels | +| controller.metrics.rules.annotations | object | `{}` | PrometheusRule annotations | | controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller | +| controller.metrics.rules.namespace | string | `""` | PrometheusRule namespace | +| controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | | controller.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3cc933a62..f0da2fcb8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -736,6 +736,17 @@ controller: rules: # -- Deploy a PrometheusRule for the application controller enabled: false + # -- PrometheusRule namespace + namespace: "" # "monitoring" + # -- PrometheusRule selector + selector: {} + # prometheus: kube-prometheus + + # -- PrometheusRule labels + additionalLabels: {} + # -- PrometheusRule annotations + annotations: {} + # -- PrometheusRule.Spec for the application controller spec: [] # - alert: ArgoAppMissing @@ -762,11 +773,6 @@ controller: # The application [{{`{{$labels.name}}`}} has not been synchronized for over # 12 hours which means that the state of this cloud has drifted away from the # state inside Git. - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} - # annotations: {} ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 71f61651aedc798598fd1501f00869e8fa20ab49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Kukr=C3=A1l?= Date: Thu, 9 Mar 2023 11:48:22 +0100 Subject: [PATCH 069/373] fix(argo-cd): skip empty configmap params (#1892) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf4ed7375..17ea8a45f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.3 +version: 5.24.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Clarify syntax in values.yaml + description: Updated argocd-cm to skip empty values diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 377a07e12..2338d1c03 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -174,7 +174,10 @@ Merge Argo Configuration with Preset Configuration {{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}} {{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} -{{ $key }}: {{ toString $value | toYaml }} +{{- $fmted := $value | toString }} +{{- if not (eq $fmted "") }} +{{ $key }}: {{ $fmted | toYaml }} +{{- end }} {{- end }} {{- end -}} From 9781abdfd8e5b612dcec58f664aea45a4e26c382 Mon Sep 17 00:00:00 2001 From: Christian Groschupp Date: Thu, 9 Mar 2023 13:05:01 +0100 Subject: [PATCH 070/373] feat(argo-cd): add parameter env to redis exporter (#1876) Signed-off-by: Christian Groschupp --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17ea8a45f..663a10815 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.4 +version: 5.25.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Updated argocd-cm to skip empty values + - kind: added + description: Add parameter env to redis exporter diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 63806eb26..b5e4adba0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -901,6 +901,7 @@ server: | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | | redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 389cf678a..3376d7323 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -89,6 +89,9 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} + {{- with .Values.redis.exporter.env }} + {{- toYaml . | nindent 8 }} + {{- end }} ports: - name: metrics containerPort: {{ .Values.redis.containerPorts.metrics }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f0da2fcb8..a5b5a9899 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1068,6 +1068,8 @@ redis: exporter: # -- Enable Prometheus redis-exporter sidecar enabled: false + # -- Environment variables to pass to the Redis exporter + env: [] ## Prometheus redis-exporter image image: # -- Repository to use for the redis-exporter From 0845b604805ba32db3994e0759d46108dc18428b Mon Sep 17 00:00:00 2001 From: Saad Ali Date: Sun, 12 Mar 2023 19:00:24 +0500 Subject: [PATCH 071/373] feat(argo-cd): Added Config Management Plugins cm (#1865) * feat(argo-cd): Added Config Management Plugins cm using sidecar approach Signed-off-by: Saad Ali * fix(argo-cd): Set ConfigMap creation for CMP using sidecar approach to false by default Signed-off-by: Saad Ali --------- Signed-off-by: Saad Ali Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 3 + .../argocd-configs/argocd-cmp-cm.yaml | 24 ++++ charts/argo-cd/values.yaml | 108 ++++++++++++++---- 4 files changed, 115 insertions(+), 26 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 663a10815..ea4a432a4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.25.0 +version: 5.26.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add parameter env to redis exporter + - kind: Added + description: ConfigMap for Config Management Plugins using sidecar approach diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b5e4adba0..9606ee6c3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -427,6 +427,9 @@ NAME: my-release | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | | configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | +| configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap | +| configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap | +| configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml new file mode 100644 index 000000000..39a6db6b6 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -0,0 +1,24 @@ +{{- if .Values.configs.cmp.create }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cmp-cm + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} + {{- with .Values.configs.cmp.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +data: + {{- range $cmp_plugin, $cmp_plugin_config := .Values.configs.cmp.plugins }} + {{ $cmp_plugin }}.yaml: | + apiVersion: argoproj.io/v1alpha1 + kind: ConfigManagementPlugin + metadata: + name: {{ $cmp_plugin }} + spec: + {{- toYaml $cmp_plugin_config | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a5b5a9899..c1a693a4e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -331,6 +331,49 @@ configs: # ... # -----END CERTIFICATE----- + # ConfigMap for Config Management Plugins + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/ + cmp: + # -- Create the argocd-cmp-cm configmap + create: false + + # -- Annotations to be added to argocd-cmp-cm configmap + annotations: {} + + # -- Plugin yaml files to be added to argocd-cmp-cm + plugins: {} + # --- First plugin + # my-plugin: + # init: + # command: [sh] + # args: [-c, 'echo "Initializing..."'] + # generate: + # command: [sh, -c] + # args: + # - | + # echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}" + # discover: + # fileName: "./subdir/s*.yaml" + # find: + # glob: "**/Chart.yaml" + # command: [sh, -c, find . -name env.yaml] + + # --- Second plugin + # my-plugin2: + # init: + # command: [sh] + # args: [-c, 'echo "Initializing..."'] + # generate: + # command: [sh, -c] + # args: + # - | + # echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}" + # discover: + # fileName: "./subdir/s*.yaml" + # find: + # glob: "**/Chart.yaml" + # command: [sh, -c, find . -name env.yaml] + # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: @@ -1969,27 +2012,46 @@ repoServer: ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates extraContainers: [] - # - name: cmp - # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server - # command: [/var/run/argocd/argocd-cmp-server] - # # This can be off-the-shelf or custom-built image - # image: busybox - # securityContext: - # runAsNonRoot: true - # runAsUser: 999 - # volumeMounts: - # - mountPath: /var/run/argocd - # name: var-files - # - mountPath: /home/argocd/cmp-server/plugins - # name: plugins - # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. - # - mountPath: /home/argocd/cmp-server/config/plugin.yaml - # subPath: plugin.yaml - # name: cmp-plugin - # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps - # # mitigate path traversal attacks. - # - mountPath: /tmp - # name: cmp-tmp + # - name: cmp-my-plugin + # command: + # - "/var/run/argocd/argocd-cmp-server" + # image: busybox + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: my-plugin.yaml + # name: argocd-cmp-cm + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp + # - name: cmp-my-plugin2 + # command: + # - "/var/run/argocd/argocd-cmp-server" + # image: busybox + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: my-plugin2.yaml + # name: argocd-cmp-cm + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp # -- Init containers to add to the repo server pods initContainers: [] @@ -1999,9 +2061,9 @@ repoServer: # -- Additional volumes to the repo server pod volumes: [] - # - name: cmp-plugin + # - name: argocd-cmp-cm # configMap: - # name: cmp-plugin + # name: argocd-cmp-cm # - name: cmp-tmp # emptyDir: {} From b629a3a0960e466a46bbdabaff4325f5f40bd082 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Mar 2023 03:36:13 +0900 Subject: [PATCH 072/373] chore(argo-cd): Upgrade Argo CD v2.6.5 (#1900) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea4a432a4..ccf6f5cdc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.4 +appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.0 +version: 5.26.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: Added - description: ConfigMap for Config Management Plugins using sidecar approach + - kind: changed + description: Upgrade Argo CD v2.6.5 From fca26f9e95486edc29e18f2b9263f56dbdb88ad0 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 15 Mar 2023 12:31:24 +0100 Subject: [PATCH 073/373] ci(github): Fix CI testing (#1904) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 0158f3fa3..5899b5596 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,8 +38,8 @@ jobs: changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then - echo "changed=true" >> $GITHUB_STATE - echo "changed_charts=$charts" >> $GITHUB_STATE + echo "changed=true" >> $GITHUB_OUTPUT + echo "changed_charts=$charts" >> $GITHUB_OUTPUT fi - name: Run chart-testing (lint) From 21f4ac8d53a94ada50c91951a4fff2c9a1761bb2 Mon Sep 17 00:00:00 2001 From: Julien Aubert Date: Wed, 15 Mar 2023 14:55:32 +0100 Subject: [PATCH 074/373] fix(argo-cd): Use nodeSelector global property as default on ApplicationSet (#1907) fix(argo-cd): Use nodeSelector global property as default value on ApplicationSet Deployment according to the documentation. Signed-off-by: Julien Aubert Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccf6f5cdc..ccb4f7c4f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.1 +version: 5.26.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD v2.6.5 + description: Use global.nodeSelector value as default value for nodeSelector on ApplicationSet diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index c737fb5ea..6d8e54609 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -205,7 +205,7 @@ spec: affinity: {{- trim . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.nodeSelector }} + {{- with .Values.applicationSet.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} From 96182b4d088b7f759f894abe9e9a2e6cdfd9f6ff Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 16 Mar 2023 02:34:22 +0900 Subject: [PATCH 075/373] chore(argo-events): Add install guide on README (#1909) Signed-off-by: yu-croco --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/README.md | 13 +++++++++++++ charts/argo-events/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 9318cb850..f577f2576 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.3 +version: 2.1.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Events to v1.7.6 + - kind: added + description: Add install guide on README diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 48597a864..f06f9d3ac 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -17,6 +17,19 @@ To regenerate this document, please run: ./scripts/helm-docs.sh ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-events +NAME: my-release +... +``` + ## Upgrading ### Custom resource definitions diff --git a/charts/argo-events/README.md.gotmpl b/charts/argo-events/README.md.gotmpl index 7ee5cefee..c25a3e977 100644 --- a/charts/argo-events/README.md.gotmpl +++ b/charts/argo-events/README.md.gotmpl @@ -17,6 +17,19 @@ To regenerate this document, please run: ./scripts/helm-docs.sh ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-events +NAME: my-release +... +``` + ## Upgrading ### Custom resource definitions From b34b555b7af250d82717431c561d869c819ad29e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 15 Mar 2023 20:27:34 +0100 Subject: [PATCH 076/373] fix(argo-cd): Use default metrics port for APIServer (#1911) fix(argo-cd): Use default metrics port for argocd-server Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccb4f7c4f..b0d0065da 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.2 +version: 5.26.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Use global.nodeSelector value as default value for nodeSelector on ApplicationSet + - kind: fixed + description: Use default metrics port for argocd-server diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9606ee6c3..a71687ed1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -670,7 +670,7 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.containerPorts.metrics | int | `8082` | Metrics container port | +| server.containerPorts.metrics | int | `8083` | Metrics container port | | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c1a693a4e..31eda2f6f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1573,7 +1573,7 @@ server: # -- Server container port server: 8080 # -- Metrics container port - metrics: 8082 + metrics: 8083 # -- Host Network for Server pods hostNetwork: false From fa17c46a7398a9ec85b30b4e280b935561e2a3df Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 16 Mar 2023 01:08:55 +0100 Subject: [PATCH 077/373] feat(argo-cd): Add ability to add project scoped cluster(s) (#1913) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-configs/cluster-secrets.yaml | 3 +++ charts/argo-cd/values.yaml | 11 +++++++++++ 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b0d0065da..2f77e8181 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.3 +version: 5.27.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Use default metrics port for argocd-server + - kind: added + description: Ability to add project scoped cluster(s) diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index aba14db7e..c1aaa531a 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -26,6 +26,9 @@ stringData: clusterResources: {{ .clusterResources | quote }} {{- end }} {{- end }} + {{- if .project }} + project: {{ .project | quote }} + {{- end }} config: | {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 31eda2f6f..cad9a1b65 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -379,6 +379,7 @@ configs: ## Ref: ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials + ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters clusterCredentials: [] # - name: mycluster # server: https://mycluster.com @@ -400,6 +401,16 @@ configs: # tlsClientConfig: # insecure: false # caData: "" + # - name: mycluster3-project-scoped + # server: https://mycluster3.com + # labels: {} + # annotations: {} + # project: my-project1 + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" # DEPRECATED - Moved to configs.ssh.annotations # knownHostsAnnotations: {} From 69c3e6086ba86a4b31f5306cb1b75c334279dfeb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 16 Mar 2023 20:04:52 +0900 Subject: [PATCH 078/373] chore(argo-workflows): Add install guide on README (#1908) Signed-off-by: yu-croco Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 10 ++-------- charts/argo-workflows/README.md | 13 +++++++++++++ charts/argo-workflows/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 28 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b5f882111..a69edb0d5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.13 +version: 0.22.14 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,10 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Added workflow startup option --log-format (defaults to 'text'). - - kind: added - description: Added server startup option --log-format (defaults to 'text'). - - kind: added - description: Added server startup option --loglevel (defaults to 'info'). - - kind: added - description: Added server startup option --gloglevel (defaults to '0'). + description: Add install guide on README. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d6fa862c0..a9f05ab4b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -28,6 +28,19 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-workflows +NAME: my-release +... +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 0a441821f..95c626e26 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -28,6 +28,19 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-workflows +NAME: my-release +... +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. From 2563d1e6f94e7102fb403bfa1ca6ece9ca39e3c3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 17 Mar 2023 17:24:44 +0900 Subject: [PATCH 079/373] chore(argo-cd): Upgrade Argo CD to v2.6.6 (#1915) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2f77e8181..051155f23 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.5 +appVersion: v2.6.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.0 +version: 5.27.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Ability to add project scoped cluster(s) + - kind: changed + description: Upgrade Argo CD to v2.6.6 From 2d193be5c0694dbe5e1568217a86bbe972bb091d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emil=20Smole=C5=84ski?= <20775179+moleskin-smile@users.noreply.github.com> Date: Thu, 23 Mar 2023 08:09:03 +0100 Subject: [PATCH 080/373] feat(argo-workflows): Add ability to use memoization (#1924) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a69edb0d5..b89837396 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.14 +version: 0.22.15 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add install guide on README. + description: Ability to use memoization feature. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index a9f05ab4b..0c4dd649b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -147,6 +147,7 @@ Fields to note: | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | +| controller.rbac.writeConfigMaps | bool | `false` | Allows controller to create and update ConfigMaps. Enables memoization feature | | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index bb08306b8..6b1a724e8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -36,6 +36,10 @@ rules: - get - watch - list + {{- if .Values.controller.rbac.writeConfigMaps }} + - create + - update + {{- end}} - apiGroups: - "" resources: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 904d766b5..3537ac894 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -74,6 +74,8 @@ controller: create: true # -- Allows controller to get, list, and watch certain k8s secrets secretWhitelist: [] + # -- Allows controller to create and update ConfigMaps. Enables memoization feature + writeConfigMaps: false # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: From ccef4448748601bb253a89fa86ed036b0e620cc1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 24 Mar 2023 01:08:45 +0100 Subject: [PATCH 081/373] chore(argo-cd): Upgrade to appVersion v2.6.7 (#1926) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 051155f23..273a65f70 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.6 +appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.1 +version: 5.27.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.6.6 + description: Upgrade Argo CD to v2.6.7 From ceb6011cb666d64c9e36e7daf058102c5f64b6ba Mon Sep 17 00:00:00 2001 From: Miles Armstrong Date: Fri, 24 Mar 2023 09:57:01 +0000 Subject: [PATCH 082/373] chore(argo-cd): Update to use Github's new RSA SSH public key (#1927) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 273a65f70..853553644 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.2 +version: 5.27.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.6.7 + description: Update Github RSA SSH public key diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cad9a1b65..8a558c6c0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -307,7 +307,7 @@ configs: bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 From b8c86dd91461fb39342074da1e8417f813b74994 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Mar 2023 15:27:19 +0100 Subject: [PATCH 083/373] chore(github): bump actions/stale from 7 to 8 (#1931) chore(deps): bump actions/stale from 7 to 8 Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3a8e77d1f..9b4053bb7 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v7 + - uses: actions/stale@v8 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From d959c79775204facd6d413e7af53999b0fd3f776 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Mar 2023 15:28:31 +0100 Subject: [PATCH 084/373] chore(github): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#1930) chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.3.1 to 2.4.0. - [Release notes](https://github.com/helm/chart-testing-action/releases) - [Commits](https://github.com/helm/chart-testing-action/compare/v2.3.1...v2.4.0) --- updated-dependencies: - dependency-name: helm/chart-testing-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Petr Drastil --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 5899b5596..97684b86d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -26,7 +26,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.3.1 + uses: helm/chart-testing-action@v2.4.0 with: # Note: Also update in scripts/lint.sh version: v3.7.1 From d34a3765682b52c6d02726b144759b796e9e3b07 Mon Sep 17 00:00:00 2001 From: LucasBoisserie Date: Tue, 28 Mar 2023 15:48:09 +0200 Subject: [PATCH 085/373] fix(argo-cd): Disable hostNetwork field when is set to false (#1934) * fix(argo-cd): fix host network configuration Signed-off-by: LucasBoisserie * update changelog Signed-off-by: LucasBoisserie --------- Signed-off-by: LucasBoisserie --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 2 ++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 853553644..bf4000b52 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.3 +version: 5.27.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Github RSA SSH public key + - kind: fixed + description: Surround with if hostNetwork field to disable it when is set to false diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index ad8cbc1b7..0bef6ced9 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -312,7 +312,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} + {{- end }} {{- with .Values.controller.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3e22a00d4..4d5fd8dc9 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -355,7 +355,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- if .Values.repoServer.hostNetwork }} hostNetwork: {{ .Values.repoServer.hostNetwork }} + {{- end }} {{- with .Values.repoServer.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index bb2f750b4..ddd23a02c 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -421,7 +421,9 @@ spec: path: tls.crt - key: ca.crt path: ca.crt + {{- if .Values.server.hostNetwork }} hostNetwork: {{ .Values.server.hostNetwork }} + {{- end }} {{- with .Values.server.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} From af90fd665f82ab314d4fad77b4c6ecbd51ae54ac Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Wed, 29 Mar 2023 11:16:34 +0200 Subject: [PATCH 086/373] feat(argo-rollouts): support setting pod annotations separately on controller and dashboard (#1928) --- charts/argo-rollouts/Chart.yaml | 6 ++---- charts/argo-rollouts/README.md | 4 +++- charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++-- charts/argo-rollouts/templates/dashboard/deployment.yaml | 6 ++++-- charts/argo-rollouts/values.yaml | 6 +++++- 5 files changed, 18 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a5e8e9c59..64cc3539d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.3 +version: 2.23.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,7 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v.1.4.1 - kind: added - description: Put Changelog URL on README.md + description: Added the ability to set pod annotations separately on controller and dashboard deployment diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index ee3821bf0..1e8a29f09 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -95,13 +95,14 @@ For full list of changes please check ArtifactHub [changelog]. | controller.pdb.labels | object | `{}` | Labels to be added to controller [Pod Disruption Budget] | | controller.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | controller.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | +| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.priorityClassName | string | `""` | [priorityClassName] for the controller | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | -| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | +| podAnnotations | object | `{}` | Annotations for the all deployed pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | @@ -139,6 +140,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.pdb.labels | object | `{}` | Labels to be added to dashboard [Pod Disruption Budget] | | dashboard.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | dashboard.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | +| dashboard.podAnnotations | object | `{}` | Annotations to be added to application dashboard pods | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | | dashboard.readonly | bool | `false` | Set cluster role to readonly | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d6adf9cfa..ee118e5a8 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -15,9 +15,11 @@ spec: replicas: {{ .Values.controller.replicas }} template: metadata: - {{- with .Values.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index ebf9ce8b2..0d2109347 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -16,9 +16,11 @@ spec: replicas: {{ .Values.dashboard.replicas }} template: metadata: - {{- with .Values.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.dashboard.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index eb077221d..d92e93041 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -41,6 +41,8 @@ extraObjects: [] controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller + # -- Annotations to be added to application controller pods + podAnnotations: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -164,7 +166,7 @@ serviceAccount: # -- Annotations to be added to all CRDs crdAnnotations: {} -# -- Annotations to be added to the Rollout pods +# -- Annotations for the all deployed pods podAnnotations: {} # -- Security Context to set on pod level @@ -217,6 +219,8 @@ dashboard: readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard + # -- Annotations to be added to application dashboard pods + podAnnotations: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints From 3c24d55fa4029f83543308a055577457b492e719 Mon Sep 17 00:00:00 2001 From: Gergely Czuczy Date: Thu, 30 Mar 2023 18:33:14 +0200 Subject: [PATCH 087/373] feat(argo-cd): Entrypoint can be configured now (#1898) * Entrypoint can be configured now Signed-off-by: Gergely Czuczy * Updated charts.lock after following master Signed-off-by: Gergely Czuczy * Bump version Signed-off-by: Gergely Czuczy --------- Signed-off-by: Gergely Czuczy Signed-off-by: Gergely Czuczy --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 2 ++ .../templates/argocd-applicationset/deployment.yaml | 5 ++++- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/values.yaml | 8 ++++++++ 6 files changed, 24 insertions(+), 9 deletions(-) mode change 100755 => 100644 charts/argo-cd/values.yaml diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index a2a5011e3..e21296c6c 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.4 -digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7 -generated: "2022-12-26T22:58:11.561184+09:00" + version: 4.22.5 +digest: sha256:d2e927511e515fb862f23dd413ee3a356c855d808f6f9ad1d345ee62b8c7ea16 +generated: "2023-03-30T08:25:32.738257836+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf4000b52..059c9250b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.4 +version: 5.27.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,10 +18,10 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.4 + version: 4.22.5 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Surround with if hostNetwork field to disable it when is set to false + - kind: changed + description: entrypoint usage can be configured diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a71687ed1..2b7d4ea3c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,8 @@ NAME: my-release | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | +| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | +| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6d8e54609..e4e865700 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -51,8 +51,11 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} + {{- if not .Values.global.entrypoint.useImplicit }} command: - - entrypoint.sh + - {{ .Values.global.entrypoint.entrypoint | quote }} + {{- end }} + args: - argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 4d5fd8dc9..01a792046 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -56,8 +56,10 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + {{- if not .Values.global.entrypoint.useImplicit }} command: - - entrypoint.sh + - {{ .Values.global.entrypoint.entrypoint | quote }} + {{- end }} args: - argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml old mode 100755 new mode 100644 index 8a558c6c0..418153142 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -132,6 +132,14 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # POD entrypoint configuration + entrypoint: + # -- Implicitly use the docker image's entrypoint. This requires the image to have + # ENTRYPOINT set properly + useImplicit: false + # -- The entrypoint to use for the containers. + entrypoint: "entrypoint.sh" + ## Argo Configs configs: From 0697ab1e4b15a0f323469a65f858622a5692f0e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Boniecki?= Date: Sat, 1 Apr 2023 20:40:02 +0000 Subject: [PATCH 088/373] fix(argo-events): wire up priorityClassName (#1940) --- charts/argo-events/Chart.yaml | 6 +++--- .../templates/argo-events-controller/deployment.yaml | 3 +++ .../templates/argo-events-webhook/deployment.yaml | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f577f2576..a702a6255 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.4 +version: 2.1.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Add install guide on README + - kind: fixed + description: priorityClassName was not being set on pods. diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index ab41c26b4..0ca65ee2f 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -27,6 +27,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.controller.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 2f0478afd..e3839caf8 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -27,6 +27,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.webhook.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} From 4ea0119321d9c58c75eaef889033f98994af40a6 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 3 Apr 2023 11:58:50 +0200 Subject: [PATCH 089/373] feat(argo-cd): Add support for custom Deployment strategy (#1918) Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 6 +++ charts/argo-cd/templates/_common.tpl | 17 +++++++++ .../argocd-applicationset/deployment.yaml | 4 ++ .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 4 ++ .../templates/argocd-server/deployment.yaml | 4 ++ charts/argo-cd/templates/dex/deployment.yaml | 4 ++ charts/argo-cd/values.yaml | 38 +++++++++++++++++++ 9 files changed, 83 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 059c9250b..09552820b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.5 +version: 5.28.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: entrypoint usage can be configured + - kind: added + description: Add support for custom Deployment strategy diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2b7d4ea3c..faa370222 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,7 @@ NAME: my-release | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | +| global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | | global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | @@ -573,6 +574,7 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the repo server Deployment | | repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | @@ -676,6 +678,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.deploymentStrategy | object | `{}` | Deployment strategy to be added to the server Deployment | | server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -822,6 +825,7 @@ server: | dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | +| dex.deploymentStrategy | object | `{}` | Deployment strategy to be added to the Dex server Deployment | | dex.dnsConfig | object | `{}` | [DNS configuration] | | dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | | dex.enabled | bool | `true` | Enable dex | @@ -1012,6 +1016,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.deploymentStrategy | object | `{}` | Deployment strategy to be added to the ApplicationSet controller Deployment | | applicationSet.dnsConfig | object | `{}` | [DNS configuration] | | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | @@ -1097,6 +1102,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | +| notifications.deploymentStrategy | object | `{"type":"Recreate"}` | Deployment strategy to be added to the notifications controller Deployment | | notifications.dnsConfig | object | `{}` | [DNS configuration] | | notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index dd43d0d5f..bf0c1e842 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -120,3 +120,20 @@ nodeAffinity: {{- end -}} {{- end -}} {{- end -}} + +{{/* +Common deployment strategy definition +- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite +*/}} +{{- define "argo-cd.strategy" -}} +{{- $preset := . -}} +{{- if (eq $preset.type "Recreate") }} +type: Recreate +{{- else if (eq $preset.type "RollingUpdate") }} +type: RollingUpdate +{{- with $preset.rollingUpdate }} +rollingUpdate: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index e4e865700..76d77b424 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -12,6 +12,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.applicationSet.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} replicas: {{ .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 45ba1de0b..fc51bb002 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -14,8 +14,10 @@ metadata: spec: replicas: 1 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.notifications.deploymentStrategy) }} strategy: - type: Recreate + {{- trim . | nindent 4 }} + {{- end }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 01a792046..906a544fb 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -11,6 +11,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.repoServer.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} {{- if not .Values.repoServer.autoscaling.enabled }} replicas: {{ .Values.repoServer.replicas }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ddd23a02c..a5bea81be 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -11,6 +11,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.server.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index fd5e00d9d..af6523d50 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -12,6 +12,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.dex.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} replicas: 1 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 418153142..640f1a48a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -140,6 +140,12 @@ global: # -- The entrypoint to use for the containers. entrypoint: "entrypoint.sh" + # -- Deployment strategy for the all deployed Deployments + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% ## Argo Configs configs: @@ -1093,6 +1099,13 @@ dex: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the Dex server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + ## Redis redis: # -- Enable redis @@ -1665,6 +1678,13 @@ server: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -2178,6 +2198,13 @@ repoServer: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the repo server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # -- Priority class for the repo server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2518,6 +2545,13 @@ applicationSet: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the ApplicationSet controller Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # -- Priority class for the ApplicationSet controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2776,6 +2810,10 @@ notifications: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the notifications controller Deployment + deploymentStrategy: + type: Recreate + # -- Priority class for the notifications controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" From a012bd41c9d070d71633aa65d64c644146f719cf Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 4 Apr 2023 20:10:13 +0900 Subject: [PATCH 090/373] chore(argo-workflows): Upgrade Argo Workflows to v3.4.6 (#1942) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b89837396..6524a4726 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.5 +appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.15 +version: 0.22.16 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Ability to use memoization feature. + - kind: changed + description: Upgrade Argo Workflows to v3.4.6. From c3759febbd4b6fee5a09aa75f194a018b88869f2 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 6 Apr 2023 16:52:19 +0300 Subject: [PATCH 091/373] feat(argocd-image-updater): Add support for pod labels (#1944) Signed-off-by: drfaust92 --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 +++ charts/argocd-image-updater/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5d599c41b..f64d558be 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.4 +version: 0.8.5 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Update Argo CD Image Updater to v0.12.2 + description: Added support for pod labels diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 10259e19c..5d5c72537 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -106,6 +106,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | | nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | | podAnnotations | object | `{}` | Pod Annotations for the deployment | +| podLabels | object | `{}` | Pod Labels for the deployment | | podSecurityContext | object | `{}` | Pod security context settings for the deployment | | rbac.enabled | bool | `true` | Enable RBAC creation | | replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 61136fb8f..936a4a708 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -19,6 +19,9 @@ spec: {{- end }} checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} labels: + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 9ac3e1ef0..90498e269 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -156,6 +156,9 @@ serviceAccount: # -- Pod Annotations for the deployment podAnnotations: {} +# -- Pod Labels for the deployment +podLabels: {} + # -- Pod security context settings for the deployment podSecurityContext: {} # fsGroup: 2000 From b19beee4f8cea0c1b9a37511c92a5e9b09a8e141 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 7 Apr 2023 01:16:40 +0900 Subject: [PATCH 092/373] fix(argo-cd): Change default value for global.tolerations, from object to array (#1947) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 09552820b..fc35d6b42 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.0 +version: 5.28.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add support for custom Deployment strategy + - kind: fixed + description: Change default value for global.tolerations, from object to array. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index faa370222..a3e43b0fc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -413,7 +413,7 @@ NAME: my-release | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | -| global.tolerations | object | `{}` | Default tolerations for all components | +| global.tolerations | list | `[]` | Default tolerations for all components | | global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 640f1a48a..40eee8cb6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -106,7 +106,7 @@ global: nodeSelector: {} # -- Default tolerations for all components - tolerations: {} + tolerations: [] # Default affinity preset for all components affinity: From 56136f65185ba97ac14543d49413626dd49e3f78 Mon Sep 17 00:00:00 2001 From: Justin Sievenpiper Date: Thu, 6 Apr 2023 16:43:01 -0700 Subject: [PATCH 093/373] feat(argo-workflows): add the ability to declare initContainers (#1923) feat(argo-workflows): add the ability to declare initContainers to server and controller deployments Signed-off-by: Justin Sievenpiper --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-deployment.yaml | 4 ++++ .../argo-workflows/templates/server/server-deployment.yaml | 4 ++++ charts/argo-workflows/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6524a4726..59a8a66aa 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.16 +version: 0.23.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.6. + - kind: added + description: Added the ability to deploy init containers alongside the controller and server deployments. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0c4dd649b..0cd083191 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -108,6 +108,7 @@ Fields to note: | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | | controller.extraEnv | list | `[]` | Extra environment variables to provide to the controller container | +| controller.extraInitContainers | list | `[]` | Enables init containers to be added to the controller deployment | | controller.image.registry | string | `"quay.io"` | Registry to use for the controller | | controller.image.repository | string | `"argoproj/workflow-controller"` | Registry to use for the controller | | controller.image.tag | string | `""` | Image tag for the workflow controller. Defaults to `.Values.images.tag`. | @@ -215,6 +216,7 @@ Fields to note: | server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | +| server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | | server.image.registry | string | `"quay.io"` | Registry to use for the server | | server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | | server.image.tag | string | `""` | Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 8f4f783f2..021a2e76a 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -32,6 +32,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: controller image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e5230cd0d..552c7d052 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -33,6 +33,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: argo-server image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3537ac894..155a0acd9 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -295,6 +295,9 @@ controller: # -- Extra containers to be added to the controller deployment extraContainers: [] + # -- Enables init containers to be added to the controller deployment + extraInitContainers: [] + # -- Workflow retention by number of workflows retentionPolicy: {} # completed: 10 @@ -570,6 +573,9 @@ server: # -- Extra containers to be added to the server deployment extraContainers: [] + # -- Enables init containers to be added to the server deployment + extraInitContainers: [] + # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 From 950c5be7256b0f2a4360de275d56c644e7e8fb42 Mon Sep 17 00:00:00 2001 From: Shawqi <74347460+shaw8ii@users.noreply.github.com> Date: Fri, 7 Apr 2023 15:45:35 +0300 Subject: [PATCH 094/373] fix(argo-events): missing argument for toYaml function in deployment template (#1933) * fix(argo-events): missing argument for toYaml function in deployment template Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> * Add description to Chart.yaml Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> * bump version Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> --------- Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a702a6255..f11e6a0af 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.5 +version: 2.1.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: priorityClassName was not being set on pods. + description: fix toYaml function in deployment template for envFrom block diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 0ca65ee2f..6f6a965b9 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -63,7 +63,7 @@ spec: {{- end }} {{- with .Values.controller.envFrom }} envFrom: - {{- toYaml | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} volumeMounts: - name: config From 7eafaa742e6c14f3ed0d21614f53826848044ec4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 11 Apr 2023 22:33:49 +0900 Subject: [PATCH 095/373] chore(argo-cd): Add log format and log level to dex (#1951) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 7 +++++++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fc35d6b42..be815df3d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.1 +version: 5.28.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Change default value for global.tolerations, from object to array. + - kind: added + description: Add log format and log level to dex. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a3e43b0fc..b90af7afa 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -847,6 +847,8 @@ server: | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | dex.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| dex.logFormat | string | `""` (defaults to global.logging.format) | Dex log format. Either `text` or `json` | +| dex.logLevel | string | `""` (defaults to global.logging.level) | Dex log level. One of: `debug`, `info`, `warn`, `error` | | dex.metrics.enabled | bool | `false` | Deploy metrics service | | dex.metrics.service.annotations | object | `{}` | Metrics service annotations | | dex.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index af6523d50..f83422331 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -61,6 +61,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-dex + - --logformat={{ default .Values.global.logging.format .Values.dex.logFormat }} + - --loglevel={{ default .Values.global.logging.level .Values.dex.logLevel }} args: - rundex {{- with .Values.dex.extraArgs }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 40eee8cb6..32b9060c9 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1106,6 +1106,13 @@ dex: # maxSurge: 25% # maxUnavailable: 25% + # -- Dex log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Dex log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + ## Redis redis: # -- Enable redis From 633954386f82ff86fe1504afbdc92b7673246ff7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 11 Apr 2023 22:50:22 +0900 Subject: [PATCH 096/373] fix(argo-workflows): Update outdated content on README (#1948) fix(argo-workflows): Remove outdated content on README Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 ++-- charts/argo-workflows/README.md | 42 +++++++++++++++++++++----- charts/argo-workflows/README.md.gotmpl | 42 +++++++++++++++++++++----- 3 files changed, 73 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 59a8a66aa..e648478f5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.0 +version: 0.23.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Added the ability to deploy init containers alongside the controller and server deployments. + - kind: fixed + description: Update outdated content on README. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0cd083191..2c8ceb70c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -6,13 +6,6 @@ If you want your deployment of this helm chart to most closely match the [argo C ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. - -A few options are: - -- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -28,6 +21,41 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +### ServiceAccount for Workflow Spec +In order for each Workflow run, you create ServiceAccount via `values.yaml` like below. + +```yaml +workflow: + serviceAccount: + create: true + name: "argo-workflow" + rbac: + create: true +controller: + workflowNamespaces: + - default + - foo + - bar +``` + +Set ServiceAccount on Workflow. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: hello-world- +spec: + entrypoint: whalesay + serviceAccountName: argo-workflow # Set ServiceAccount + templates: + - name: whalesay + container: + image: docker/whalesay + command: [ cowsay ] + args: [ "hello world" ] +``` + ## Installing the Chart To install the chart with the release name `my-release`: diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 95c626e26..398a8788e 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -6,13 +6,6 @@ If you want your deployment of this helm chart to most closely match the [argo C ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. - -A few options are: - -- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -28,6 +21,41 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +### ServiceAccount for Workflow Spec +In order for each Workflow run, you create ServiceAccount via `values.yaml` like below. + +```yaml +workflow: + serviceAccount: + create: true + name: "argo-workflow" + rbac: + create: true +controller: + workflowNamespaces: + - default + - foo + - bar +``` + +Set ServiceAccount on Workflow. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: hello-world- +spec: + entrypoint: whalesay + serviceAccountName: argo-workflow # Set ServiceAccount + templates: + - name: whalesay + container: + image: docker/whalesay + command: [ cowsay ] + args: [ "hello world" ] +``` + ## Installing the Chart To install the chart with the release name `my-release`: From 1d17840549a7956e437069132b0513f6d2e4824a Mon Sep 17 00:00:00 2001 From: Julien Duchesne Date: Wed, 12 Apr 2023 00:52:28 -0400 Subject: [PATCH 097/373] chore(argo-workflows): Upgrade Argo Workflows to v3.4.7 (#1954) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e648478f5..bde79c697 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.6 +appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.1 +version: 0.23.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Update outdated content on README. + - kind: changed + description: Upgrade Argo Workflows to v3.4.7. From 7eeb70f7117df0e25ebf30ed193c11a3b9960e24 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 13 Apr 2023 18:25:06 +0900 Subject: [PATCH 098/373] fix(argo-workflows): Add namespace field to all namespace scoped resources (#1956) Reason: `helm template` doesn't add the namespace field automatically * fix(argo-workflows): Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically Signed-off-by: yu-croco * chore(argo-workflows): bump minor version Signed-off-by: yu-croco * refactor(argo-workflows): reflect review points Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-controller-cluster-roles.yaml | 3 +++ .../controller/workflow-controller-config-map.yaml | 1 + .../templates/controller/workflow-controller-crb.yaml | 7 +++++-- .../controller/workflow-controller-deployment-pdb.yaml | 1 + .../controller/workflow-controller-deployment.yaml | 1 + .../templates/controller/workflow-controller-sa.yaml | 1 + .../templates/controller/workflow-controller-service.yaml | 1 + .../controller/workflow-controller-servicemonitor.yaml | 6 ++---- .../templates/server/server-cluster-roles.yaml | 3 +++ charts/argo-workflows/templates/server/server-crb.yaml | 7 +++++-- .../templates/server/server-deployment-pdb.yaml | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 1 + charts/argo-workflows/templates/server/server-ingress.yaml | 1 + charts/argo-workflows/templates/server/server-sa.yaml | 1 + charts/argo-workflows/templates/server/server-service.yaml | 1 + 16 files changed, 31 insertions(+), 11 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index bde79c697..69cbe88f2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.2 +version: 0.24.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.7. + - kind: fixed + description: Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 6b1a724e8..b5d78afa0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -7,6 +7,9 @@ kind: ClusterRole {{- end }} metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 125f48d37..7327ecac1 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "argo-workflows.controller.fullname" . }}-configmap + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} data: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index c630bac69..9fa7a7f6f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -7,6 +7,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: @@ -20,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- @@ -37,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index 4e7545c73..ee38445f2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 021a2e76a..4ee117b8b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index 362459005..c6a8bf663 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 3ca1afad6..5ade3d401 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index f71d35077..29fe1b59e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-workflows.controller.fullname" . }} - {{- with .Values.controller.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.serviceMonitor.namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceMonitor.additionalLabels }} @@ -25,7 +23,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Release.Namespace | quote }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index c7d18f50c..96f12bfa0 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -7,6 +7,9 @@ kind: ClusterRole {{- end }} metadata: name: {{ template "argo-workflows.server.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index 6ac17aef4..ec4f6435a 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -7,6 +7,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ template "argo-workflows.server.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: @@ -20,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.server.clusterWorkflowTemplates.enabled }} --- @@ -37,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end -}} {{- end -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index d92a40830..7ea6d465f 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 552c7d052..e9da0a1de 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 969676e14..36209f5b0 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -14,6 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.ingress.labels }} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 2f6644edb..382d565ee 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 22fc2b01d..f7096a8df 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} From 88d690ef62e40547e951d708bcbd6806e8d579ae Mon Sep 17 00:00:00 2001 From: Jakub Oskera Date: Thu, 13 Apr 2023 16:08:34 +0200 Subject: [PATCH 099/373] fix(argo-cd): add namespace field for namespace scoped resources (#1937) --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-application-controller/metrics.yaml | 1 + .../argocd-application-controller/networkpolicy.yaml | 1 + .../templates/argocd-application-controller/pdb.yaml | 1 + .../argocd-application-controller/prometheusrule.yaml | 4 +--- .../templates/argocd-application-controller/role.yaml | 1 + .../argocd-application-controller/rolebinding.yaml | 1 + .../argocd-application-controller/serviceaccount.yaml | 1 + .../argocd-application-controller/servicemonitor.yaml | 4 +--- .../argocd-application-controller/statefulset.yaml | 1 + .../argo-cd/templates/argocd-applicationset/deployment.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/metrics.yaml | 1 + .../templates/argocd-applicationset/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/pdb.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/role.yaml | 1 + .../templates/argocd-applicationset/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/service.yaml | 1 + .../templates/argocd-applicationset/serviceaccount.yaml | 1 + .../templates/argocd-applicationset/servicemonitor.yaml | 4 +--- .../templates/argocd-applicationset/webhook-ingress.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 1 + .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml | 1 + .../argocd-configs/argocd-dex-server-tls-secret.yaml | 1 + .../templates/argocd-configs/argocd-gpg-keys-cm.yaml | 1 + .../templates/argocd-configs/argocd-notifications-cm.yaml | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml | 1 + .../argocd-configs/argocd-repo-server-tls-secret.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 1 + .../templates/argocd-configs/argocd-server-tls-secret.yaml | 1 + .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 1 + .../argo-cd/templates/argocd-configs/argocd-styles-cm.yaml | 1 + .../templates/argocd-configs/argocd-tls-certs-cm.yaml | 1 + .../argo-cd/templates/argocd-configs/cluster-secrets.yaml | 1 + .../templates/argocd-configs/externalredis-secret.yaml | 1 + .../argocd-configs/repository-credentials-secret.yaml | 1 + .../argo-cd/templates/argocd-configs/repository-secret.yaml | 1 + .../argo-cd/templates/argocd-notifications/deployment.yaml | 1 + charts/argo-cd/templates/argocd-notifications/metrics.yaml | 1 + .../templates/argocd-notifications/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-notifications/pdb.yaml | 1 + charts/argo-cd/templates/argocd-notifications/role.yaml | 1 + .../argo-cd/templates/argocd-notifications/rolebinding.yaml | 1 + .../templates/argocd-notifications/serviceaccount.yaml | 1 + .../templates/argocd-notifications/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/metrics.yaml | 1 + .../argo-cd/templates/argocd-repo-server/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/pdb.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/role.yaml | 1 + .../argo-cd/templates/argocd-repo-server/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/service.yaml | 1 + .../templates/argocd-repo-server/serviceaccount.yaml | 1 + .../templates/argocd-repo-server/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/argocd-server/aws/service.yaml | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 1 + charts/argo-cd/templates/argocd-server/deployment.yaml | 1 + .../argo-cd/templates/argocd-server/gke/backendconfig.yaml | 1 + .../argo-cd/templates/argocd-server/gke/frontendconfig.yaml | 1 + .../templates/argocd-server/gke/managedcertificate.yaml | 1 + charts/argo-cd/templates/argocd-server/hpa.yaml | 1 + charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 1 + charts/argo-cd/templates/argocd-server/ingress.yaml | 1 + charts/argo-cd/templates/argocd-server/metrics.yaml | 1 + charts/argo-cd/templates/argocd-server/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-server/openshift/route.yaml | 1 + charts/argo-cd/templates/argocd-server/pdb.yaml | 1 + charts/argo-cd/templates/argocd-server/role.yaml | 1 + charts/argo-cd/templates/argocd-server/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-server/service.yaml | 1 + charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 1 + charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/dex/deployment.yaml | 1 + charts/argo-cd/templates/dex/networkpolicy.yaml | 1 + charts/argo-cd/templates/dex/pdb.yaml | 1 + charts/argo-cd/templates/dex/role.yaml | 1 + charts/argo-cd/templates/dex/rolebinding.yaml | 1 + charts/argo-cd/templates/dex/service.yaml | 1 + charts/argo-cd/templates/dex/serviceaccount.yaml | 1 + charts/argo-cd/templates/dex/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/networkpolicy-default-deny.yaml | 1 + charts/argo-cd/templates/redis/deployment.yaml | 1 + charts/argo-cd/templates/redis/metrics.yaml | 1 + charts/argo-cd/templates/redis/networkpolicy.yaml | 1 + charts/argo-cd/templates/redis/pdb.yaml | 1 + charts/argo-cd/templates/redis/service.yaml | 1 + charts/argo-cd/templates/redis/serviceaccount.yaml | 1 + charts/argo-cd/templates/redis/servicemonitor.yaml | 4 +--- 90 files changed, 92 insertions(+), 27 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index be815df3d..81666537d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.2 +version: 5.29.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add log format and log level to dex. + - kind: fixed + description: Add namespace field for namespace scoped resources diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 88827a850..754b8490a 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 4 }} {{- with .Values.controller.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml index bbb6b324b..e7448c52f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index b6804c549..7eaf28e18 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index c44a63f5a..86d665648 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- if .Values.controller.metrics.rules.namespace }} - namespace: {{ .Values.controller.metrics.rules.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.rules.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- if .Values.controller.metrics.rules.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index 75aec8dbb..56ef17b5d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index f37f4b0ca..5f07f1090 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index 96d786cd7..fe56d3767 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.controller.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 3c8b0ca47..10ba77678 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- with .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0bef6ced9..2a067a63f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 76d77b424..90863cce6 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index 7a9397cdc..fdac0bcf3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.applicationSet.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} {{- with .Values.applicationSet.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml index 176de64b0..81020f54c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -3,6 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index 51974356d..8f179032a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index a9ec2f92b..f8f55405f 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index 91cddeae9..8a70526c6 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 9e0de5339..640b195a7 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index cf5c0ef51..a196626eb 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.applicationSet.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index b836ccc5b..bb814a254 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -4,9 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - {{- with .Values.applicationSet.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.applicationSet.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index 5285c6f2d..d98f94237 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.webhook.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index a9ff71d9f..829a67769 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.cm.annotations) (.Values.server.configAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 0628ff9c8..18fead9bb 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmd-params-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cmd-params-cm") | nindent 4 }} {{- if .Values.configs.params.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml index 39a6db6b6..a3400605e 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmp-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} {{- with .Values.configs.cmp.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml index 7e3ae6b0a..c543e8a74 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-dex-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" "dex-server-tls") | nindent 4 }} {{- with .Values.dex.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index 72f9823b5..982867f92 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-gpg-keys-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} {{ with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index 593da721c..c8cdefc4c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-notifications-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index dc5bd383c..cde4d555b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-notifications-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.secret.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 8ebb43d28..c882cb394 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-rbac-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.rbac.annotations) (.Values.server.rbacConfigAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml index b0f35aa23..4e1b3dc90 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "repo-server-tls") | nindent 4 }} {{- with .Values.repoServer.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 84a51197c..1e69bcead 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} {{- with .Values.configs.secret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml index 1e9f8dd38..c612a62c7 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "server-tls") | nindent 4 }} {{- with .Values.server.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 7b8e5d0b8..a7f3abdf8 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml index 149104f16..b98e40df2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-styles-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 1ba0176d8..6a5a95e54 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-tls-certs-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index c1aaa531a..259ee3484 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .labels }} diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index 80dfc475b..9bfcd9836 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .Values.externalRedis.secretAnnotations }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 96efd67c6..748718abf 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} + namespace: {{ .Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index bd0c067ca..d64ae5ccd 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} + namespace: {{ .Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index fc51bb002..729e57dbb 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 3b80e97b9..3c30a0853 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.notifications.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} {{- with .Values.notifications.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml index 6bd0c04e0..011a7c337 100644 --- a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml @@ -3,6 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index f1f32715c..716195479 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 52df9ad16..128c24f5d 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index e78ac5c65..7bc6e1d12 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index d62192804..aa8242420 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.notifications.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.notifications.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 2dd280bf2..de3cc5a35 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.notifications.fullname" . }} - {{- if .Values.notifications.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.notifications.metrics.serviceMonitor.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.notifications.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 906a544fb..f5272bc20 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index d7f743205..2cba83248 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + namespace: {{ .Release.Namespace | quote }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index 1124057ea..b2be38eeb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.repoServer.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 4 }} {{- with .Values.repoServer.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 619a65ca5..08a1c214c 100644 --- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 318671f02..658a1fe36 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/role.yaml b/charts/argo-cd/templates/argocd-repo-server/role.yaml index bc422c433..5f9324d51 100644 --- a/charts/argo-cd/templates/argocd-repo-server/role.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml index 3cfa312f3..8834b7789 100644 --- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index 541ea41ee..c2c434639 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -13,6 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: {{ .Values.repoServer.service.portName }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 71f75583e..7b26928fa 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.repoServerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.repoServer.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 82937d9b8..aec96461c 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - {{- with .Values.repoServer.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.repoServer.metrics.serviceMonitor.namespace | default }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index a0368023c..02c543d52 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -7,6 +7,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: {{ .Values.server.service.servicePortHttpName }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index ed844aa2c..eec82ae6a 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index a5bea81be..aa7320e71 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml index 69a420930..e2ae3d844 100644 --- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-cd.apiVersions.cloudgoogle" . }} kind: BackendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml index 46fc43a9c..316875969 100644 --- a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml @@ -3,6 +3,7 @@ apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml index 81e1e7101..942c6b3f8 100644 --- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml @@ -3,6 +3,7 @@ apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: domains: {{- with .Values.server.GKEmanagedCertificate.domains }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index af107b7fb..cbc17c319 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-hpa + namespace: {{ .Release.Namespace | quote }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index b728a11ba..b671f86fc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }}-grpc + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingressGrpc.labels }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 0e064b0b3..98ec1cb12 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index bf8ee083f..3a9f46f71 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.server.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 4 }} {{- with .Values.server.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml index 8300d696c..443ff3599 100644 --- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - {} diff --git a/charts/argo-cd/templates/argocd-server/openshift/route.yaml b/charts/argo-cd/templates/argocd-server/openshift/route.yaml index f1fc80124..593137986 100644 --- a/charts/argo-cd/templates/argocd-server/openshift/route.yaml +++ b/charts/argo-cd/templates/argocd-server/openshift/route.yaml @@ -3,6 +3,7 @@ apiVersion: route.openshift.io/v1 kind: Route metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.route.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 89c54c65b..adc47aeca 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 16164a9a4..f156bc187 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 54d4eaeba..93b1fa948 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 879bdb32e..5a31f0b87 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index a2eb9b119..5d03aaf60 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.server.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.server.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index d00e5657d..65d102e3b 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.server.fullname" . }} - {{- if .Values.server.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.server.metrics.serviceMonitor.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.server.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index f83422331..8359a6a88 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml index e79a2e3e4..cb0fcc55e 100644 --- a/charts/argo-cd/templates/dex/networkpolicy.yaml +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index 45bd00500..c0adc73f0 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.pdb.labels }} diff --git a/charts/argo-cd/templates/dex/role.yaml b/charts/argo-cd/templates/dex/role.yaml index 6b9b3f69d..49d40891f 100644 --- a/charts/argo-cd/templates/dex/role.yaml +++ b/charts/argo-cd/templates/dex/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 4cc47005b..08da15442 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 9661c7e0d..73c984832 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.dex.metrics.service.annotations }} annotations: {{- range $key, $value := .Values.dex.metrics.service.annotations }} diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index 71707f099..65abd57cd 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.dexServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.dex.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.dex.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index d08d018f6..21d12be25 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.dex.fullname" . }} - {{- with .Values.dex.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.dex.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml index 3d47a3975..b499ab035 100644 --- a/charts/argo-cd/templates/networkpolicy-default-deny.yaml +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} name: {{ template "argo-cd.fullname" . }}-default-deny + namespace: {{ .Release.Namespace | quote }} spec: podSelector: {} policyTypes: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 3376d7323..fc0bebbdc 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -10,6 +10,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index 6886a7402..db5262855 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.redis.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.service.labels }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml index 8b564add4..cd8150e14 100644 --- a/charts/argo-cd/templates/redis/networkpolicy.yaml +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -6,6 +6,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} name: {{ template "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 223c57589..59423b475 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -4,6 +4,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.pdb.labels }} diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index 6e949fd4b..31f497d72 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.service.labels }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml index ae67d3b2a..503fb4347 100644 --- a/charts/argo-cd/templates/redis/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.redisServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.redis.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.redis.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index ea913467a..46a7e32ca 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -4,9 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.redis.fullname" . }} - {{- with .Values.redis.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.redis.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.serviceMonitor.selector }} From 406e07b46b62e1f6efef6d035110d02b7a8019f5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 14 Apr 2023 03:16:20 +0900 Subject: [PATCH 100/373] fix(argo-rollouts): add namespace field for namespace scoped resources (#1960) Signed-off-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../templates/controller/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/templates/controller/deployment.yaml | 1 + .../argo-rollouts/templates/controller/metrics-service.yaml | 1 + .../templates/controller/notifcations-configmap.yaml | 1 + .../templates/controller/notifications-secret.yaml | 1 + .../templates/controller/poddisruptionbudget.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + charts/argo-rollouts/templates/controller/rolebinding.yaml | 2 ++ .../argo-rollouts/templates/controller/serviceaccount.yaml | 1 + .../argo-rollouts/templates/controller/servicemonitor.yaml | 1 + .../templates/dashboard/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/templates/dashboard/deployment.yaml | 1 + charts/argo-rollouts/templates/dashboard/ingress.yaml | 1 + .../templates/dashboard/poddisruptionbudget.yaml | 1 + charts/argo-rollouts/templates/dashboard/service.yaml | 1 + .../argo-rollouts/templates/dashboard/serviceaccount.yaml | 1 + 17 files changed, 20 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 64cc3539d..a5f3e2497 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.23.0 +version: 2.24.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Added the ability to set pod annotations separately on controller and dashboard deployment + - kind: fixed + description: add namespace field for namespace scoped resources diff --git a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml index cbdb0e239..740f8f6b9 100644 --- a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index ee118e5a8..7f30da021 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index 5e3803474..0effcc23b 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml index 3008b327e..a370a6000 100644 --- a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml +++ b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argo-rollouts-notification-configmap + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/notifications-secret.yaml b/charts/argo-rollouts/templates/controller/notifications-secret.yaml index 4e9cc64ce..52b393df4 100644 --- a/charts/argo-rollouts/templates/controller/notifications-secret.yaml +++ b/charts/argo-rollouts/templates/controller/notifications-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argo-rollouts-notification-secret + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml index 437efab9b..7080b55cd 100644 --- a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml +++ b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 72ebdbc94..e3b80672b 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/rolebinding.yaml b/charts/argo-rollouts/templates/controller/rolebinding.yaml index 128df3abd..e76bb194f 100644 --- a/charts/argo-rollouts/templates/controller/rolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} @@ -13,4 +14,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/serviceaccount.yaml b/charts/argo-rollouts/templates/controller/serviceaccount.yaml index 327eb6a59..b0f566333 100644 --- a/charts/argo-rollouts/templates/controller/serviceaccount.yaml +++ b/charts/argo-rollouts/templates/controller/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argo-rollouts.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 72d9a691f..f64dc3285 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,6 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml index 3296060cc..2dbf7379f 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 0d2109347..8a47608f2 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/ingress.yaml b/charts/argo-rollouts/templates/dashboard/ingress.yaml index 0555d1fcc..e7f9e41ed 100644 --- a/charts/argo-rollouts/templates/dashboard/ingress.yaml +++ b/charts/argo-rollouts/templates/dashboard/ingress.yaml @@ -14,6 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- if .Values.dashboard.ingress.labels }} diff --git a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml index 742b149fe..d12ba62a1 100644 --- a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml +++ b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.dashboard.pdb.labels }} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 589781503..6a304b82d 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml index ff0c73005..4b531bd98 100644 --- a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml +++ b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} From 076cf82ddd77126cd7ecf24e2c8882b5cbff9342 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 14 Apr 2023 03:38:04 +0900 Subject: [PATCH 101/373] fix(argo-events): add namespace field for namespace scoped resources (#1959) * fix(argo-events): add namespace field for namespace scoped resources Signed-off-by: yu-croco * Apply suggestion from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/config.yaml | 1 + .../templates/argo-events-controller/deployment.yaml | 1 + .../argo-events/templates/argo-events-controller/pdb.yaml | 1 + .../argo-events/templates/argo-events-controller/rbac.yaml | 5 ++++- .../templates/argo-events-controller/service.yaml | 1 + .../templates/argo-events-controller/serviceaccount.yaml | 1 + .../templates/argo-events-controller/servicemonitor.yaml | 6 ++---- .../templates/argo-events-webhook/clusterrolebinding.yaml | 2 +- .../templates/argo-events-webhook/deployment.yaml | 1 + charts/argo-events/templates/argo-events-webhook/pdb.yaml | 1 + .../argo-events/templates/argo-events-webhook/service.yaml | 1 + .../templates/argo-events-webhook/serviceaccount.yaml | 1 + 13 files changed, 18 insertions(+), 8 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f11e6a0af..a9f379e72 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.6 +version: 2.2.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: fix toYaml function in deployment template for envFrom block + description: add namespace field for namespace scoped resources diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 486fa3645..b32933857 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} data: diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 6f6a965b9..9b7ace1b9 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml index f1a7b7217..0451ecd72 100644 --- a/charts/argo-events/templates/argo-events-controller/pdb.yaml +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index 1d9a2e558..aa9c7c2b9 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -3,6 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }} metadata: name: {{ include "argo-events.controller.fullname" . }} + {{- if .Values.controller.rbac.namespaced }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: @@ -119,5 +122,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/service.yaml b/charts/argo-events/templates/argo-events-controller/service.yaml index d0d6ab333..fe36320b6 100644 --- a/charts/argo-events/templates/argo-events-controller/service.yaml +++ b/charts/argo-events/templates/argo-events-controller/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-events.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} {{- with .Values.controller.metrics.service.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml index 7a035b76a..3b8a9c81f 100644 --- a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- with .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml index 6c1f23ca0..55cda1d41 100644 --- a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml +++ b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-events.controller.fullname" . }} - {{- with .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} @@ -31,7 +29,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Release.Namespace | quote }} selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" (printf "%s-metrics" .Values.controller.name)) | nindent 6 }} diff --git a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml index 5562f139f..89226483b 100644 --- a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml +++ b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index e3839caf8..0445484e8 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: events-webhook + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml index 15bf97bf7..a3daa7457 100644 --- a/charts/argo-events/templates/argo-events-webhook/pdb.yaml +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} {{- with .Values.webhook.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-webhook/service.yaml b/charts/argo-events/templates/argo-events-webhook/service.yaml index cb85a8cb1..15563d0e2 100644 --- a/charts/argo-events/templates/argo-events-webhook/service.yaml +++ b/charts/argo-events/templates/argo-events-webhook/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: events-webhook + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} spec: diff --git a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml index b723a77f3..e3e2ac5b8 100644 --- a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- with .Values.webhook.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} From 388102400faf26b4f60f002c4e816256e21e63aa Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 Apr 2023 01:44:19 +0200 Subject: [PATCH 102/373] fix(argo-cd): Evaluate namespace field via helm root scope (#1963) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- .../argocd-configs/repository-credentials-secret.yaml | 2 +- .../argo-cd/templates/argocd-configs/repository-secret.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 81666537d..01aab8419 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.0 +version: 5.29.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Add namespace field for namespace scoped resources + description: Namespace field for some namespaced resources needs to be evaluated via helm root scope diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 259ee3484..83b1c15d7 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .labels }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 748718abf..ed1d2fd76 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index d64ae5ccd..4c0289585 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} From dfe36fbde955e525c706243f887e34e127ea2259 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 Apr 2023 01:58:48 +0200 Subject: [PATCH 103/373] feat(argo-rollouts): Add ability to provide additional volumes (#1965) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 4 ++++ .../templates/controller/deployment.yaml | 8 ++++++++ .../templates/dashboard/deployment.yaml | 8 ++++++++ charts/argo-rollouts/values.yaml | 17 +++++++++++++++++ 5 files changed, 40 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a5f3e2497..376cd8ce1 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.24.0 +version: 2.25.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Ability to provide additional volumes and volumeMounts diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 1e8a29f09..56a798527 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -102,6 +102,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | +| controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | +| controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -161,6 +163,8 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | | dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | +| dashboard.volumeMounts | list | `[]` | Additional volumeMounts to add to the dashboard container | +| dashboard.volumes | list | `[]` | Additional volumes to add to the dashboard pod | ## Upgrading diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 7f30da021..95ec845fc 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -65,6 +65,10 @@ spec: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} @@ -101,3 +105,7 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.controller.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 8a47608f2..342e19968 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -54,6 +54,10 @@ spec: {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- with .Values.dashboard.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} {{- if .Values.dashboard.nodeSelector }} nodeSelector: {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} @@ -83,4 +87,8 @@ spec: {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.dashboard.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index d92e93041..e451602f2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -154,6 +154,17 @@ controller: # -- Maximum number / percentage of pods that may be made unavailable maxUnavailable: # 0 + # -- Additional volumes to add to the controller pod + volumes: [] + # - configMap: + # name: my-certs-cm + # name: my-certs + + # -- Additional volumeMounts to add to the controller container + volumeMounts: [] + # - mountPath: /etc/ssl/certs + # name: my-certs + serviceAccount: # -- Specifies whether a service account should be created create: true @@ -355,6 +366,12 @@ dashboard: # hosts: # - argorollouts.example.com + # -- Additional volumes to add to the dashboard pod + volumes: [] + + # -- Additional volumeMounts to add to the dashboard container + volumeMounts: [] + notifications: secret: # -- Whether to create notifications secret From 22356c77af3e672bf6a5ee97ed7305bb367beccb Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 14 Apr 2023 14:53:40 +0100 Subject: [PATCH 104/373] feat(argo-workflows): Add option for controller to read all secrets (#1967) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 69cbe88f2..616f3cc40 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.24.0 +version: 0.24.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically. + - kind: added + description: Add option for workflow controller to read all secrets. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 2c8ceb70c..463fa4858 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -174,6 +174,7 @@ Fields to note: | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | +| controller.rbac.accessAllSecrets | bool | `false` | Allows controller to get, list and watch all k8s secrets. Can only be used if secretWhitelist is empty. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | | controller.rbac.writeConfigMaps | bool | `false` | Allows controller to create and update ConfigMaps. Enables memoization feature | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index b5d78afa0..c2d2a7713 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -187,6 +187,16 @@ rules: - watch resourceNames: {{- toYaml . | nindent 4 }} {{- end }} +{{- if and (not .Values.controller.rbac.secretWhitelist) (.Values.controller.rbac.accessAllSecrets) }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +{{- end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 155a0acd9..4783e0a6c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -74,6 +74,8 @@ controller: create: true # -- Allows controller to get, list, and watch certain k8s secrets secretWhitelist: [] + # -- Allows controller to get, list and watch all k8s secrets. Can only be used if secretWhitelist is empty. + accessAllSecrets: false # -- Allows controller to create and update ConfigMaps. Enables memoization feature writeConfigMaps: false From 29b753057bf605e95d07017d6f7e000d3cc808f6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 16 Apr 2023 17:13:00 +0900 Subject: [PATCH 105/373] fix(argocd-image-updater): add namespace field for namespace scoped resources (#1970) Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 6 +++--- .../templates/configmap-authscripts.yaml | 1 + .../argocd-image-updater/templates/configmap-sshconfig.yaml | 1 + charts/argocd-image-updater/templates/configmap.yaml | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 ++- charts/argocd-image-updater/templates/metrics-service.yaml | 1 + charts/argocd-image-updater/templates/rbac.yaml | 4 +++- charts/argocd-image-updater/templates/secret.yaml | 3 ++- charts/argocd-image-updater/templates/serviceaccount.yaml | 1 + charts/argocd-image-updater/templates/servicemonitor.yaml | 4 +--- 10 files changed, 16 insertions(+), 9 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index f64d558be..d6ec30ef3 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.5 +version: 0.9.0 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Added support for pod labels + - kind: fixed + description: add namespace field for namespace scoped resources diff --git a/charts/argocd-image-updater/templates/configmap-authscripts.yaml b/charts/argocd-image-updater/templates/configmap-authscripts.yaml index fe8341493..3659fbaf5 100644 --- a/charts/argocd-image-updater/templates/configmap-authscripts.yaml +++ b/charts/argocd-image-updater/templates/configmap-authscripts.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-authscripts + namespace: {{ .Release.Namespace | quote }} data: {{- toYaml .Values.authScripts.scripts | nindent 2}} {{- end }} diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml index 548f3100f..45554c0e4 100644 --- a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -4,6 +4,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-ssh-config + namespace: {{ .Release.Namespace | quote }} data: {{- with .Values.config.sshConfig }} {{- toYaml . | nindent 2 }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 0e0b6cfc9..75f69b135 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-config + namespace: {{ .Release.Namespace | quote }} data: {{- with .Values.config.applicationsAPIKind }} applications_api: {{ . }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 936a4a708..9cc71fe3e 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} spec: @@ -21,7 +22,7 @@ spec: labels: {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} diff --git a/charts/argocd-image-updater/templates/metrics-service.yaml b/charts/argocd-image-updater/templates/metrics-service.yaml index 5d1232ae3..186abb41f 100644 --- a/charts/argocd-image-updater/templates/metrics-service.yaml +++ b/charts/argocd-image-updater/templates/metrics-service.yaml @@ -14,6 +14,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "argocd-image-updater.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: metrics diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index cb508a43d..c6316f421 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -5,7 +5,8 @@ kind: Role metadata: labels: {{ include "argocd-image-updater.labels" . | nindent 4 }} - name: {{ include "argocd-image-updater.fullname" . }} + name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ .Release.Namespace | quote }} rules: - apiGroups: - '' @@ -45,4 +46,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argocd-image-updater/templates/secret.yaml b/charts/argocd-image-updater/templates/secret.yaml index d0e7bb240..c4cb77818 100644 --- a/charts/argocd-image-updater/templates/secret.yaml +++ b/charts/argocd-image-updater/templates/secret.yaml @@ -3,9 +3,10 @@ apiVersion: v1 kind: Secret metadata: name: argocd-image-updater-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} type: Opaque -data: +data: argocd.token: {{ .Values.config.argocd.token | b64enc }} {{- end }} diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml index c208ee697..c755731de 100644 --- a/charts/argocd-image-updater/templates/serviceaccount.yaml +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} diff --git a/charts/argocd-image-updater/templates/servicemonitor.yaml b/charts/argocd-image-updater/templates/servicemonitor.yaml index fa0b26a6b..969f1190d 100644 --- a/charts/argocd-image-updater/templates/servicemonitor.yaml +++ b/charts/argocd-image-updater/templates/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argocd-image-updater.fullname" . }}-metrics - {{- with .Values.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.metrics.serviceMonitor.selector }} From 429b474a4f44e073f8ef2a4da03325083c0122e4 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sat, 22 Apr 2023 01:53:02 -0400 Subject: [PATCH 106/373] docs(github): comment out notational pieces of PR template (#1969) github: comment out notational pieces of PR template - the DCO and publishing sentences are not filled out during PRs and are purely notational - comment them out with HTML comments, as is common practice - example from a repo I maintain: https://github.com/ezolenko/rollup-plugin-typescript2/blob/f6db59613a66f58c48310aa8fa785951970b5d6d/.github/issue_template.md?plain=1#L2 - I copied that from other repos too - these comments are still visible to the PR author, just not visible when rendered, keeping the PR more concise Signed-off-by: Anton Gilgur Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 65c36c002..ed14509e3 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,6 +1,8 @@ + Checklist: @@ -11,4 +13,4 @@ Checklist: * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md). * [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/stable/developer-guide/ci/)). -Changes are automatically published when merged to `main`. They are not published on branches. + From aef554340ff52643c9fbd67afd14fdfa3a0a8b3e Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Mon, 24 Apr 2023 01:47:18 -0400 Subject: [PATCH 107/373] feat(argo-workflows): add optional HPA to Server (#1974) --- charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 6 +++ .../server/server-deployment-hpa.yaml | 45 +++++++++++++++++++ .../templates/server/server-deployment.yaml | 2 + charts/argo-workflows/values.yaml | 26 +++++++++++ 5 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/server/server-deployment-hpa.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 616f3cc40..fe52da193 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.24.1 +version: 0.25.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add option for workflow controller to read all secrets. + description: Add optional HPA for Argo Server diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 463fa4858..50bc7ce9e 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -237,6 +237,12 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | +| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | +| server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo Server [HPA] | +| server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo Server [HPA] | +| server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo Server [HPA] | | server.baseHref | string | `"/"` | Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. | | server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. | | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml new file mode 100644 index 000000000..ebc45925e --- /dev/null +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -0,0 +1,45 @@ +{{- if and .Values.server.enabled .Values.server.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "argo-workflows.server.fullname" . }} + minReplicas: {{ .Values.server.autoscaling.minReplicas }} + maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} + metrics: + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + {{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + {{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} + {{- end }} + {{- with .Values.server.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e9da0a1de..d75933ac2 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -12,7 +12,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} + {{- end }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 4783e0a6c..2fd166b5c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -431,6 +431,32 @@ server: resources: {} # -- The number of server pods to run replicas: 1 + ## Argo Server Horizontal Pod Autoscaler + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: false + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 1 + # -- Maximum number of replicas for the Argo Server [HPA] + maxReplicas: 5 + # -- Average CPU utilization percentage for the Argo Server [HPA] + targetCPUUtilizationPercentage: 50 + # -- Average memory utilization percentage for the Argo Server [HPA] + targetMemoryUtilizationPercentage: 50 + # -- Configures the scaling behavior of the target in both Up and Down directions. + # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 pdb: # -- Configure [Pod Disruption Budget] for the server pods enabled: false From d2853afc24766cee089c918dc0bd0ba77ca57e84 Mon Sep 17 00:00:00 2001 From: aniekgul <13356402+aniekgul@users.noreply.github.com> Date: Mon, 24 Apr 2023 10:40:40 -0400 Subject: [PATCH 108/373] feat(argo-rollouts): add service monitor relabeling configs (#1972) Signed-off-by: Aniek Gul <13356402+aniekgul@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ .../templates/controller/servicemonitor.yaml | 8 ++++++++ charts/argo-rollouts/values.yaml | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 376cd8ce1..895826e98 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.25.0 +version: 2.26.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Ability to provide additional volumes and volumeMounts + description: Ability to provide service monitor relabeling configs diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 56a798527..58784cf03 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -89,6 +89,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | | controller.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the controller | diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index f64dc3285..cb489e3b9 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -17,6 +17,14 @@ metadata: spec: endpoints: - port: metrics + {{- with .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 6 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e451602f2..28a6f1f81 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -116,6 +116,10 @@ controller: additionalLabels: {} # -- Annotations to be added to the ServiceMonitor additionalAnnotations: {} + # -- RelabelConfigs to apply to samples before scraping + relabelings: [] + # -- MetricRelabelConfigs to apply to samples before ingestion + metricRelabelings: [] # -- Configure liveness [probe] for the controller # @default -- See [values.yaml] From 00e585342a099fdc4435b816ba6b33b47424afbe Mon Sep 17 00:00:00 2001 From: Stefan Tertan Date: Mon, 24 Apr 2023 17:57:36 +0100 Subject: [PATCH 109/373] feat(argo-workflows): add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels (#1977) * feat(argo-workflows): add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels Signed-off-by: Stefan Tertan * chore(argo-workflows): bump Helm chart patch version Signed-off-by: Stefan Tertan * docs(argo-workflows): update README.md via `helm-docs` Signed-off-by: Stefan Tertan * chore(argo-workflows): update changelog via chart annotation Signed-off-by: Stefan Tertan * chore(argo-workflows): remove URLs from README Signed-off-by: Stefan Tertan --------- Signed-off-by: Stefan Tertan Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +++ .../workflow-controller-servicemonitor.yaml | 20 +++++++++++++++++++ charts/argo-workflows/values.yaml | 9 +++++++++ 4 files changed, 34 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fe52da193..51e901cc6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.0 +version: 0.25.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add optional HPA for Argo Server + description: Add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 50bc7ce9e..d918b444b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -153,13 +153,16 @@ Fields to note: | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | | controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion | | controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". | | controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted | | controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name | +| controller.metricsConfig.relabelings | list | `[]` | ServiceMonitor relabel configs to apply to samples before scraping | | controller.metricsConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS | | controller.metricsConfig.servicePort | int | `8080` | Service metrics port | | controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name | +| controller.metricsConfig.targetLabels | list | `[]` | ServiceMonitor will add labels from the service to the Prometheus metric | | controller.name | string | `"workflow-controller"` | Workflow controller name string | | controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | | controller.navColor | string | `""` | Set ui navigation bar background color | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 29fe1b59e..e5e8307fa 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -15,11 +15,31 @@ spec: - port: metrics path: {{ .Values.controller.metricsConfig.path }} interval: 30s + {{- with .Values.controller.metricsConfig.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metricsConfig.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- if .Values.controller.telemetryConfig.enabled }} - port: telemetry path: {{ .Values.controller.telemetryConfig.path }} interval: 30s + {{- with .Values.controller.metricsConfig.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metricsConfig.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.controller.metricsConfig.targetLabels }} + targetLabels: + {{- toYaml . | nindent 8 }} {{- end }} namespaceSelector: matchNames: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 2fd166b5c..7dddf89e6 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -111,6 +111,15 @@ controller: servicePort: 8080 # -- Service metrics port name servicePortName: metrics + # -- ServiceMonitor relabel configs to apply to samples before scraping + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + relabelings: [] + # -- ServiceMonitor metric relabel configs to apply to samples before ingestion + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint + metricRelabelings: [] + # -- ServiceMonitor will add labels from the service to the Prometheus metric + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec + targetLabels: [] # -- the controller container's securityContext securityContext: readOnlyRootFilesystem: true From 086310f23701dff84067a077b987a779ec6cd5b1 Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Thu, 27 Apr 2023 21:49:02 +0900 Subject: [PATCH 110/373] fix(argocd-apps): Changed the project field of the applicationset from a tpl to str(#1978) (#1979) fix: Changed the project field of the applicationset from a tpl function to a string. Signed-off-by: tomoki-yamaguchi --- charts/argocd-apps/Chart.yaml | 6 ++-- .../ci/applicationsets-values.yaml | 29 +++++++++++++++++++ .../templates/applicationsets.yaml | 2 +- 3 files changed, 33 insertions(+), 4 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 2f7a6d5cc..c8e37b3b9 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.9 +version: 1.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Multiple sources for Application and ApplicationSet + - kind: fixed + description: Changed the project field of the applicationset from a tpl function to a string. diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index 2258f422b..6142b1bb5 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -42,3 +42,32 @@ applicationsets: syncPolicy: # Set Application finalizer preserveResourcesOnDeletion: false +- name: applicationset-list-generator + generators: + - list: + elements: + - cluster: engineering-dev + url: https://kubernetes.default.svc + template: + metadata: {} + spec: + project: '{{cluster}}' + source: + targetRevision: HEAD + repoURL: https://github.com/argoproj/argo-cd.git + # New path value is generated here: + path: 'applicationset/examples/template-override/{{cluster}}-override' + destination: {} + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: '{{cluster}}' + source: + repoURL: https://github.com/argoproj/argo-cd.git + targetRevision: HEAD + # This 'default' value is not used: it is is replaced by the generator's template path, above + path: applicationset/examples/template-override/default + destination: + server: '{{url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index aa7a3b791..bb8b09d1c 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -51,7 +51,7 @@ spec: {{- end }} {{- with .spec }} spec: - project: {{ tpl .project $ }} + project: {{ .project | squote }} {{- with .source }} source: {{- toYaml . | nindent 8 }} From bc4e00b836335731e4b78dd19e396992dfb068fe Mon Sep 17 00:00:00 2001 From: Tal Yitzhak Date: Fri, 28 Apr 2023 10:54:32 +0300 Subject: [PATCH 111/373] fix(argo-rollouts): Added missing permissions for argo rollouts dashboard cluster role (#1988) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 895826e98..bb95a9865 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.26.0 +version: 2.26.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Ability to provide service monitor relabeling configs + description: Missing permissions to leases under coordination api group diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 5f05d6e6e..0d69d67e4 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -71,4 +71,12 @@ rules: verbs: - list - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update {{- end }} From 5f807d903b89b3cc2daf02efb08a33b845f01e1f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 16:28:34 +0900 Subject: [PATCH 112/373] feat(argo-cd): Upgrade Argo CD to v2.7.0 (#1989) * chore(argo-cd): Upgrade Argo CD to v2.7.0 Signed-off-by: yu-croco * fix(argo-cd): collect syntax Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +- .../templates/crds/crd-application.yaml | 333 +++++++ .../templates/crds/crd-applicationset.yaml | 811 ++++++++++++++++++ 3 files changed, 1148 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01aab8419..169a53299 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.7 +appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.1 +version: 5.30.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Namespace field for some namespaced resources needs to be evaluated via helm root scope + - kind: changed + description: Upgrade Argo CD to v2.7.0 diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index ae0f7295f..5bb7bfb3e 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -310,6 +310,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -341,6 +345,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -572,6 +599,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -604,6 +636,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -950,6 +1005,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -980,6 +1039,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1203,6 +1285,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -1234,6 +1320,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1604,6 +1713,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1636,6 +1750,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1869,6 +2006,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1901,6 +2043,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2279,6 +2444,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2311,6 +2481,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2562,6 +2755,11 @@ spec: additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2594,6 +2792,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2945,6 +3166,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -2977,6 +3203,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3221,6 +3470,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3253,6 +3507,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3602,6 +3879,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -3634,6 +3916,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3878,6 +4183,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3910,6 +4220,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 434522422..f9bfde6c6 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -241,6 +241,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -257,6 +259,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -399,6 +418,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -415,6 +436,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -716,6 +754,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -732,6 +772,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -874,6 +931,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -890,6 +949,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1195,6 +1271,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1211,6 +1289,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1353,6 +1448,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1369,6 +1466,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1479,6 +1593,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -1648,6 +1764,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1664,6 +1782,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1806,6 +1941,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1822,6 +1959,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2131,6 +2285,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2147,6 +2303,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2289,6 +2462,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2305,6 +2480,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2606,6 +2798,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2622,6 +2816,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2764,6 +2975,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2780,6 +2993,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3085,6 +3315,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3101,6 +3333,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3243,6 +3492,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3259,6 +3510,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3369,6 +3637,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -3538,6 +3808,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3554,6 +3826,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3696,6 +3985,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3712,6 +4003,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4109,6 +4417,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4125,6 +4435,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4267,6 +4594,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4283,6 +4612,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4727,6 +5073,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4743,6 +5091,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4885,6 +5250,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4901,6 +5268,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5196,6 +5580,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5212,6 +5598,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5354,6 +5757,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5370,6 +5775,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5679,6 +6101,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5695,6 +6119,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5837,6 +6278,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5853,6 +6296,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6154,6 +6614,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6170,6 +6632,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6312,6 +6791,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6328,6 +6809,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6633,6 +7131,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6649,6 +7149,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6791,6 +7308,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6807,6 +7326,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6917,6 +7453,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -7086,6 +7624,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7102,6 +7642,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7244,6 +7801,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7260,6 +7819,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7657,6 +8233,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7673,6 +8251,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7815,6 +8410,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7831,6 +8428,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8275,6 +8889,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8291,6 +8907,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8433,6 +9066,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8449,6 +9084,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8748,6 +9400,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8764,6 +9418,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8906,6 +9577,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8922,6 +9595,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9316,6 +10006,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9332,6 +10024,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9474,6 +10183,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9490,6 +10201,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9934,6 +10662,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9950,6 +10680,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10092,6 +10839,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10108,6 +10857,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10236,6 +11002,13 @@ spec: type: array goTemplate: type: boolean + preservedFields: + properties: + annotations: + items: + type: string + type: array + type: object strategy: properties: rollingSync: @@ -10441,6 +11214,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10457,6 +11232,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10599,6 +11391,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10615,6 +11409,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object From b9fa30883b5dae8648b822f56ffb81a6f566653f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 19:28:13 +0900 Subject: [PATCH 113/373] chore(argo-cd): Upgrade Dex and Redis (#1990) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 6 +++--- charts/argo-cd/values.yaml | 6 +++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 169a53299..675f66eda 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.30.0 +version: 5.30.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,6 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.0 + description: Upgrade Dex to v2.36.0 + - kind: changed + description: Upgrade Redis to v7.0.11 for avoiding CVE-2023-0464 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b90af7afa..254f25578 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -835,7 +835,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.3"` | Dex image tag | +| dex.image.tag | string | `"v2.36.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | @@ -921,7 +921,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -979,7 +979,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 32b9060c9..6702078eb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -915,7 +915,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.3 + tag: v2.36.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1141,7 +1141,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1384,7 +1384,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From decfc73a3fb794c375bd5a3dbd798be8cdfe51cc Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 21:29:30 +0900 Subject: [PATCH 114/373] feat(argo-cd): Use tini as the ENTRYPOINT (#1991) --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 8 ++++++-- charts/argo-cd/README.md.gotmpl | 6 ++++++ .../argocd-application-controller/statefulset.yaml | 4 ++-- .../templates/argocd-applicationset/deployment.yaml | 6 +----- .../templates/argocd-notifications/deployment.yaml | 4 ++-- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 8 ++------ charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 -------- 10 files changed, 25 insertions(+), 33 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 675f66eda..2467144f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.30.1 +version: 5.31.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,6 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Dex to v2.36.0 - - kind: changed - description: Upgrade Redis to v7.0.11 for avoiding CVE-2023-0464 + description: Use tini as the ENTRYPOINT diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 254f25578..f1f0845fc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -395,8 +400,6 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | -| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | -| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -1184,3 +1187,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 945bab728..92d7f354a 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -546,3 +551,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2a067a63f..c56bf0b33 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -51,8 +51,8 @@ spec: {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller - --metrics-port={{ .Values.controller.containerPorts.metrics }} {{- if .Values.controller.metrics.applicationLabels.enabled }} {{- range .Values.controller.metrics.applicationLabels.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 90863cce6..9033f5b47 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -56,12 +56,8 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-applicationset-controller + - /usr/local/bin/argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 729e57dbb..d49944fdc 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -56,8 +56,8 @@ spec: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} - command: - - argocd-notifications + args: + - /usr/local/bin/argocd-notifications - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f5272bc20..0226b48fc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -61,12 +61,8 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-repo-server + - /usr/local/bin/argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} @@ -284,7 +280,7 @@ spec: {{- end }} initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index aa7320e71..7ce72e800 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -58,8 +58,8 @@ spec: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} - command: - - argocd-server + args: + - /usr/local/bin/argocd-server - --port={{ .Values.server.containerPorts.server }} - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 8359a6a88..6ae171706 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -136,8 +136,8 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp + args: + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6702078eb..afdaa0955 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -132,14 +132,6 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule - # POD entrypoint configuration - entrypoint: - # -- Implicitly use the docker image's entrypoint. This requires the image to have - # ENTRYPOINT set properly - useImplicit: false - # -- The entrypoint to use for the containers. - entrypoint: "entrypoint.sh" - # -- Deployment strategy for the all deployed Deployments deploymentStrategy: {} # type: RollingUpdate From bb4d3154e63c89939c732ef89e404f2cba2f03e9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 3 May 2023 18:48:03 +0900 Subject: [PATCH 115/373] chore(argo-cd): Update Argo CD to v2.7.1 (#1999) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2467144f0..9d2226089 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.0 +appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.31.0 +version: 5.31.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Use tini as the ENTRYPOINT + description: Update Argo CD v2.7.1 From 513df3df8f7cd781fec944ea3699568831265507 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 09:13:41 -0500 Subject: [PATCH 116/373] fix(argo-workflows): Add missing argo-workflows.apiVersion.autoscaling helper function for HPA configuration (#2001) fix: Add missing argo-workflows.apiVersion.autoscaling helper function for HPA configuration Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/_helpers.tpl | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 51e901cc6..2d52acbdd 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.1 +version: 0.25.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels + - kind: fix + description: Add missing argo-workflows.apiVersion.autoscaling helper function used for HPA configuration diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 7719052d1..2fbcc708b 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -153,3 +153,16 @@ Return full image name including or excluding registry based on existence {{ .image.repository }} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for autoscaling +*/}} +{{- define "argo-workflows.apiVersion.autoscaling" -}} +{{- if .Values.apiVersionOverrides.autoscaling -}} +{{- print .Values.apiVersionOverrides.autoscaling -}} +{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "autoscaling/v2beta1" -}} +{{- else -}} +{{- print "autoscaling/v2" -}} +{{- end -}} +{{- end -}} From 2197c8e0402ab1074761af8d5f45825f0d59d4e1 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 09:30:53 -0500 Subject: [PATCH 117/373] fix(argo-workflows): Drop .Values.useDefaultArtifactRepo flag to simplify usage (#2002) Fixes #1140 - [x] remove `.Values.useDefaultArtifactRepo` to ensure if items populated they get into the configmap. - [x] change structure of `.Values.customArtifactRepository` to only include the custom information Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +-- .../workflow-controller-config-map.yaml | 7 ++---- charts/argo-workflows/values.yaml | 22 ++++++++----------- 4 files changed, 14 insertions(+), 22 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2d52acbdd..443bffb70 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.2 +version: 0.26.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fix - description: Add missing argo-workflows.apiVersion.autoscaling helper function used for HPA configuration + description: Drop .Values.useDefaultArtifactRepo flag to simplify usage diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d918b444b..dae6972b8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -308,8 +308,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | -| customArtifactRepository | object | `{}` | The section of custom artifact repository. Will be added to the config in case useDefaultArtifactRepo is set to false | -| useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | +| customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | ## Breaking changes from the deprecated `argo` chart diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 7327ecac1..55720eb2c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -55,7 +55,6 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if .Values.useDefaultArtifactRepo }} artifactRepository: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} @@ -96,10 +95,8 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- else }} - {{- if .Values.customArtifactRepository }} - artifactRepository: {{- toYaml .Values.customArtifactRepository | nindent 6 }} - {{- end }} + {{- if .Values.customArtifactRepository }} + {{- toYaml .Values.customArtifactRepository | nindent 6 }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7dddf89e6..c1c0229e2 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -639,8 +639,6 @@ extraObjects: [] # secretName: argo-server-sso-secrets-store # type: Opaque -# -- Influences the creation of the ConfigMap for the workflow-controller itself. -useDefaultArtifactRepo: false # -- Use static credentials for S3 (eg. when not using AWS IRSA) useStaticCredentials: true artifactRepository: @@ -702,18 +700,16 @@ artifactRepository: # key: account-access-key # -- The section of custom artifact repository. -# Will be added to the config in case useDefaultArtifactRepo is set to false +# Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) customArtifactRepository: {} -# customArtifactRepository: -# archiveLogs: true -# artifactory: -# repoUrl: https://artifactory.example.com/raw -# usernameSecret: -# name: artifactory-creds -# key: username -# passwordSecret: -# name: artifactory-creds -# key: password +# artifactory: +# repoUrl: https://artifactory.example.com/raw +# usernameSecret: +# name: artifactory-creds +# key: username +# passwordSecret: +# name: artifactory-creds +# key: password emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. From e980b71b83c037c6e8503413aeeff27aedc48ebd Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Fri, 5 May 2023 22:19:18 +0200 Subject: [PATCH 118/373] feat(argo-cd): allow extraObjects to contain string template (#1993) [argo-cd] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9d2226089..759449169 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.31.1 +version: 5.32.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Argo CD v2.7.1 + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-cd/templates/extra-manifests.yaml +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 71462b7f6d29c68cb5b39ddc57e3e4daf416867a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 5 May 2023 22:21:46 +0200 Subject: [PATCH 119/373] feat(github): Add OpenSSF Scorecard action (#2009) Signed-off-by: Marco Kilchhofer Co-authored-by: Marko Bevc --- .github/workflows/scorecard.yml | 72 +++++++++++++++++++++++++++++++++ README.md | 1 + 2 files changed, 73 insertions(+) create mode 100644 .github/workflows/scorecard.yml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml new file mode 100644 index 000000000..c5ec11595 --- /dev/null +++ b/.github/workflows/scorecard.yml @@ -0,0 +1,72 @@ +# This workflow uses actions that are not certified by GitHub. They are provided +# by a third-party and are governed by separate terms of service, privacy +# policy, and support documentation. + +name: Scorecard supply-chain security +on: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '21 6 * * 6' + push: + branches: [ "main" ] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecard analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + # Uncomment the permissions below if installing in a private repository. + # contents: read + # actions: read + + steps: + - name: "Checkout code" + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + with: + results_file: results.sarif + results_format: sarif + # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: + # - you want to enable the Branch-Protection check on a *public* repository, or + # - you are installing Scorecard on a *private* repository + # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. + repo_token: ${{ secrets.SCORECARD_TOKEN }} + + # Public repositories: + # - Publish results to OpenSSF REST API for easy access by consumers + # - Allows the repository to include the Scorecard badge. + # - See https://github.com/ossf/scorecard-action#publishing-results. + # For private repositories: + # - `publish_results` will always be set to `false`, regardless + # of the value entered here. + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard. + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + with: + sarif_file: results.sarif diff --git a/README.md b/README.md index ac71eb3ef..e8544439a 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: From fe901f4dfb786c45a0d6a022e8a731b0564db70e Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 15:23:04 -0500 Subject: [PATCH 120/373] chore(github): Update repo files (#2006) - [x] DELETE OWNERS file, not parsed, only used for bookkeeping, CODEOWNERS does this - [x] update CODEOWNERS to people who have committed in the last year - [x] create EMERITUS.md to list former CODEOWNERS and thank them for their contribution - [x] create SECURITY.md so people know how to report security issues - [x] turn on private vulnerability reporting in the repository - [x] create CODE_OF_CONDUCT.md linking to CNCF code of conduct By adding a code of conduct and security file we can set our Community Standards to 100% [here](https://github.com/argoproj/argo-helm/community) Signed-off-by: jmeridth Co-authored-by: Marko Bevc --- CODEOWNERS | 14 ++++++-------- CODE_OF_CONDUCT.md | 9 +++++++++ EMERITUS.md | 12 ++++++++++++ OWNERS | 9 --------- SECURITY.md | 21 +++++++++++++++++++++ 5 files changed, 48 insertions(+), 17 deletions(-) create mode 100644 CODE_OF_CONDUCT.md create mode 100644 EMERITUS.md delete mode 100644 OWNERS create mode 100644 SECURITY.md diff --git a/CODEOWNERS b/CODEOWNERS index aea8942f7..bd5df3d06 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,16 +1,14 @@ -# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners - -# Other and new charts -/charts/ @oliverbaehler +# All +* @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil +/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil # Argo Events -/charts/argo-events/ @jbehling @VaibhavPage @pdrastil +/charts/argo-events/ @pdrastil @jmeridth # Argo Rollouts -/charts/argo-rollouts/ +/charts/argo-rollouts/ @jmeridth diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..37789a9d0 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,9 @@ +# Code of Conduct + +We adhere to the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). Please reference the link for details. + +## TL;DR (too long didn't read) + +Be kind + +Your participation is at the discression of the maintainers of this project. diff --git a/EMERITUS.md b/EMERITUS.md new file mode 100644 index 000000000..2c2996902 --- /dev/null +++ b/EMERITUS.md @@ -0,0 +1,12 @@ +# Emeritus Approvers + +These are the people who have been approvers in the past, and have since retired from the role. + +We thank them for their service to the project. + +* @oliverbaehler +* @stefansedich +* @paguos +* @yann-soubeyrand +* @davidkarlsen +* @jbehling diff --git a/OWNERS b/OWNERS deleted file mode 100644 index e393c5ba6..000000000 --- a/OWNERS +++ /dev/null @@ -1,9 +0,0 @@ -owners: -- alexec -- alexmt -- jessesuen - -approvers: -- alexec -- alexmt -- jessesuen diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..7c30259c2 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions and Upstream Reporting + +Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue. + +* [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) +* [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) +* [Security Policy for Argo Rollouts](https://github.com/argoproj/argo-rollouts/blob/master/docs/security.md) +* [Security Policy for Argo CD](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md) +* [Security Policy for Argo CD Image Updater](https://github.com/argoproj-labs/argocd-image-updater/blob/master/SECURITY.md) + +## Reporting a Vulnerability for Argo Helm Charts + +We have enabled the ability to privately report security issues through the Security tab above. + +[Here are the details on how to file](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) on how to do that + +A repository owner/maintainer will respond as fast as possible to coordinate confirmation of issue and remediation. + +Thank you for helping to ensure this code stays secure. From 15ade97f88757218ec3ec1f7add96f2526179edd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 05:17:19 -0500 Subject: [PATCH 121/373] chore(github): Add deps pr title scope for dependabot PRs (#2013) Signed-off-by: jmeridth --- .github/workflows/pr-title.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index a636b08bd..f72814434 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -31,6 +31,7 @@ jobs: argo-workflows argocd-image-updater argocd-apps + deps github # Configure that a scope must always be provided. requireScope: true From 2762902b1fc4d3217db257db146ca4d9e99acbe9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:23:23 +0900 Subject: [PATCH 122/373] chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 (#2012) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/3cea5372237819ed00197afe530f5a7ea3e805c8...0b7f8abb1508181956e8e162db84b466c27e18ce) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c5ec11595..2ab79857e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: SARIF file path: results.sarif From 0b965f93572534ae8cf1d8f6f540a62673dc34d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:27:47 +0900 Subject: [PATCH 123/373] chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#2011) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...80e868c13c90f172d68d1f4501dee99e2479f7af) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 2ab79857e..99fb29455 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 with: results_file: results.sarif results_format: sarif From 6cf01708d36fe7d7bf997a2f77425763bceaf31d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:35:03 +0900 Subject: [PATCH 124/373] chore(deps): bump github/codeql-action from 2.2.4 to 2.3.3 (#2010) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.3.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...29b1f65c5e92e24fe6b6647da1eaabe529cec70f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 99fb29455..66e1d5ee9 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3 with: sarif_file: results.sarif From 430aaea83c06e08e88c7d479d02252822fcf5520 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Sat, 6 May 2023 13:18:22 +0200 Subject: [PATCH 125/373] feat(argo-events): allow extraObjects to contain string template (#1994) [argo-event] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Co-authored-by: Jason Meridth --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a9f379e72..2adfec2b8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.2.0 +version: 2.3.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-events/templates/extra-manifests.yaml b/charts/argo-events/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-events/templates/extra-manifests.yaml +++ b/charts/argo-events/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 80d5a6a65d309385a442a5d523f7a5d023390f32 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Sat, 6 May 2023 13:31:50 +0200 Subject: [PATCH 126/373] feat(argo-rollouts): allow extraObjects to contain string template (#1996) [argo-event] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index bb95a9865..46ca6ba73 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.26.1 +version: 2.27.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Missing permissions to leases under coordination api group + description: Allow extraObjects to contain string templates diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From f40c1d81ca379f93ca19726639444a94a07c8e7d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 08:18:37 -0500 Subject: [PATCH 127/373] fix(github): fix error in codeowners file and update README about security (#2015) This is a follow-up of #2006. We cleared out users who have not contributed in the last year and moved them to EMERITUS.md We also created SECURITY.md Signed-off-by: jmeridth --- CODEOWNERS | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index bd5df3d06..9b0a95c5a 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,7 +2,7 @@ * @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @vladlosev @yann-soubeyrand @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco # Argo CD /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil diff --git a/README.md b/README.md index e8544439a..b29bb3d13 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" ### Security Policy -If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). +Please refer to [SECURITY.md](SECURITY.md) for details on how to report security issues. ### Changelog From 5cff9158985f9daa8eb7f00719bba532d0e4aea6 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 11:20:18 -0500 Subject: [PATCH 128/373] fix(argo-workflows): change chart icon to match other charts (#2018) fix(argo-workflows): change chart image to match other charts This will make the charts all look nice when you go to https://artifacthub.io/packages/search?repo=argo&sort=relevance&page=1 Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 443bffb70..3eb787b82 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,8 +3,8 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.0 -icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png +version: 0.26.1 +icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: - https://github.com/argoproj/argo-workflows @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fix - description: Drop .Values.useDefaultArtifactRepo flag to simplify usage + - kind: chore + description: Update Chart icon From 2a480226c43b3656a15b4a9691d76f791903c385 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 7 May 2023 09:18:39 -0500 Subject: [PATCH 129/373] chore(argo-events): Update chart icon to standard image (#2020) This will make the charts all look nice when you go to https://artifacthub.io/packages/search?repo=argo&sort=relevance&page=1 Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2adfec2b8..b763af570 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.0 +version: 2.3.1 home: https://github.com/argoproj/argo-helm -icon: https://argoproj.github.io/argo-events/assets/logo.png +icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: - argoproj - argo-events @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Allow extraObjects to contain string templates + - kind: chore + description: Update chart icon From ebae3d2462f754fac64bde0d88901c3451ae84dd Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 7 May 2023 16:57:01 +0200 Subject: [PATCH 130/373] chore(deps): Pin all workflow deps (#2021) --- .github/workflows/lint-and-test.yml | 10 +++++----- .github/workflows/pr-sizing.yml | 4 ++-- .github/workflows/pr-title.yml | 2 +- .github/workflows/publish.yml | 6 +++--- .github/workflows/stale.yml | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 97684b86d..1f75294af 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -10,23 +10,23 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 with: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@v4 + uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 with: python-version: 3.9 - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.4.0 + uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 with: # Note: Also update in scripts/lint.sh version: v3.7.1 @@ -58,7 +58,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@v1.5.0 + uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index bcdfc4408..fa9c4c976 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -12,7 +12,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" @@ -22,6 +22,6 @@ jobs: runs-on: ubuntu-latest steps: - name: size-label - uses: "pascalgn/size-label-action@v0.4.3" + uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3" env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index f72814434..2d45de124 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v5 + - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index cb56596bc..e104fde25 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,12 +15,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 with: version: v3.10.1 # Also update in lint-and-test.yaml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.5.0 + uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: config: "./.github/configs/cr.yaml" env: diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 9b4053bb7..b0356dc79 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v8 + - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From a99b021f153c793a2f0b66eff483c756a41cfa39 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 8 May 2023 02:39:28 +0200 Subject: [PATCH 131/373] fix(github): Remove quotes in `uses` statement (#2022) Signed-off-by: Marco Kilchhofer --- .github/workflows/pr-sizing.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index fa9c4c976..f75d7f82b 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -1,8 +1,12 @@ ## Reference: https://github.com/pascalgn/size-label-action name: 'PR Labeling' + on: pull_request_target: - types: [opened, synchronize, reopened] + types: + - opened + - synchronize + - reopened permissions: contents: read @@ -21,7 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - name: size-label - uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3" + - uses: pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 9d108349099d75bb4b8ef017a7cdae93b033c68d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 8 May 2023 20:22:52 +0900 Subject: [PATCH 132/373] feat(argo-cd): Enable to customize Service type of applicationset-controller (#2014) chore(argo-cd): Enable to customize Service type of applicationset-controller Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-applicationset/service.yaml | 1 + charts/argo-cd/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 759449169..dd40f29b9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.0 +version: 5.32.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: Allow extraObjects to contain string templates + description: Enable to customize Service type of applicationset-controller diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f1f0845fc..054dc2f9c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1079,6 +1079,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | | applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | +| applicationSet.service.type | string | `"ClusterIP"` | ApplicationSet service type | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 640b195a7..e3a07b6f5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -16,6 +16,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + type: {{ .Values.applicationSet.service.type }} ports: - name: {{ .Values.applicationSet.service.portName }} port: {{ .Values.applicationSet.service.port }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index afdaa0955..3f95a663d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2432,6 +2432,8 @@ applicationSet: annotations: {} # -- ApplicationSet service labels labels: {} + # -- ApplicationSet service type + type: ClusterIP # -- ApplicationSet service port port: 7000 # -- ApplicationSet service port name From 24089bdd384283e51c87046a589fda7522339b0b Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 15:02:25 -0500 Subject: [PATCH 133/373] fix(argo-workflows): use correct artifacthub annotation kind (#2031) This is to get latest argo-workflows chart version out to artifacthub. Can't get the previous ones that had incorrect kinds. #2030 adds linting so this doesn't happen again. Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3eb787b82..11bdb8edf 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.1 +version: 0.26.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: chore - description: Update Chart icon + - kind: fixed + description: Use correct artifacthub kind and get latest chart version to artifacthub From 442fa22edcd5f980b2b4297d0d2d1bad1f820b2a Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 19:38:23 -0500 Subject: [PATCH 134/373] fix(argo-events): use correct artifacthub annotation kind (#2032) This is to get latest argo-workflows chart version out to artifacthub. Can't get the previous ones that had incorrect kinds. argoproj#2030 adds linting so this doesn't happen again. Will merge after argo-workflows and argo-events charts are fixed. Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index b763af570..d6ce3465a 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.1 +version: 2.3.2 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: chore - description: Update chart icon + - kind: fixed + description: Use correct artifacthub kind and get latest chart version to artifacthub From 395abc5435724684db43e2c99f4ec8ed859c0b90 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 21:22:34 -0500 Subject: [PATCH 135/373] feat(github): add artifacthub linting (#2030) This will help us ensure we use correct notation in our artifacthub annotations Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1f75294af..90106fc90 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -6,6 +6,18 @@ permissions: contents: read jobs: + linter-artifacthub: + runs-on: ubuntu-latest + container: + image: public.ecr.aws/artifacthub/ah:v1.14.0 + options: --user 1001 + steps: + - name: Checkout + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - name: Run ah lint + working-directory: ./charts + run: ah lint + chart-test: runs-on: ubuntu-latest steps: From c8b47cf060b2ba6da64d4eb9e1f081472d70a371 Mon Sep 17 00:00:00 2001 From: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> Date: Tue, 9 May 2023 13:41:54 +1000 Subject: [PATCH 136/373] fix(argo-workflows): Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion (#2029) * add a fix for argo workflows hpa Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * add description for the fix Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * update readme Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * remove apiVersionOverrides from readme Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * fix linting Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> --------- Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 2 +- .../templates/server/server-deployment-hpa.yaml | 2 +- charts/argo-workflows/values.yaml | 5 +++++ 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 11bdb8edf..ae171a11f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.2 +version: 0.26.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: Use correct artifacthub kind and get latest chart version to artifacthub + description: Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index dae6972b8..1dbfc155c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -101,6 +101,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 2fbcc708b..f302f0da2 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -160,7 +160,7 @@ Return the appropriate apiVersion for autoscaling {{- define "argo-workflows.apiVersion.autoscaling" -}} {{- if .Values.apiVersionOverrides.autoscaling -}} {{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- else if semverCompare "<1.23-0" (include "argo-workflows.kubeVersion" .) -}} {{- print "autoscaling/v2beta1" -}} {{- else -}} {{- print "autoscaling/v2" -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml index ebc45925e..9194bbd9d 100644 --- a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 +apiVersion: {{ include "argo-workflows.apiVersion.autoscaling" . }} kind: HorizontalPodAutoscaler metadata: name: {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c1c0229e2..e7e268a07 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,6 +29,11 @@ fullnameOverride: # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" +# Override APIVersions +apiVersionOverrides: + # -- String to override apiVersion of autoscaling rendered by this helm chart + autoscaling: "" # autoscaling/v2 + # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster # equivalents, and start workflow-controller with the --namespaced flag. Use it From cc64b0c9f51b85ec64f23582ee53167ff4abc4d1 Mon Sep 17 00:00:00 2001 From: PidgeyBE Date: Wed, 10 May 2023 12:16:14 +0200 Subject: [PATCH 137/373] fix(argo-workflows): fix clusterworkflowtemplates disabled flag (#2033) * fix clusterworkflowtemplates disabled flag Signed-off-by: Peejai * Bump chart version and add artifacthub changes Signed-off-by: Peejai --------- Signed-off-by: Peejai Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/crds/argoproj.io_clusterworkflowtemplates.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ae171a11f..0933c3d50 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.3 +version: 0.26.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion + description: Create clusterWorkflowTemplates CRD only when enabled in Helm values. diff --git a/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml index 7f767b24d..9264eaba6 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml @@ -1,4 +1,5 @@ {{- if .Values.crds.install }} +{{- if or (.Values.server.clusterWorkflowTemplates.enabled) (.Values.controller.clusterWorkflowTemplates.enabled) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -43,3 +44,4 @@ spec: served: true storage: true {{- end }} +{{- end }} From 07aa087a1942aac79dc04ec41a25a9c2b094ac4b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 15:06:56 +0200 Subject: [PATCH 138/373] feat(github): Introduce chart signing (#2040) Signed-off-by: Marco Kilchhofer --- .github/configs/cr.yaml | 8 +++++++- .github/workflows/publish.yml | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml index 01fdbe0ce..a0d425dca 100644 --- a/.github/configs/cr.yaml +++ b/.github/configs/cr.yaml @@ -1,2 +1,8 @@ ## Reference: https://github.com/helm/chart-releaser -index-path: "./index.yaml" \ No newline at end of file +index-path: "./index.yaml" + +# PGP signing +sign: true +key: Argo Helm maintainers +# keyring: # Set via env variable CR_KEYRING +# passphrase-file: # Set via env variable CR_PASSPHRASE_FILE diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index e104fde25..58d7d22d5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -38,6 +38,22 @@ jobs: run: | git checkout origin/gh-pages index.yaml + # The GitHub repository secret `PGP_PRIVATE_KEY` contains the private key + # in ASCII-armored format. To export a (new) key, run this command: + # `gpg --armor --export-secret-key ` + - name: Prepare PGP key + run: | + IFS="" + echo "$PGP_PRIVATE_KEY" | gpg --dearmor > $HOME/secring.gpg + echo "$PGP_PASSPHRASE" > $HOME/passphrase.txt + + # Tell chart-releaser-action where to find the key and its passphrase + echo "CR_KEYRING=$HOME/secring.gpg" >> "$GITHUB_ENV" + echo "CR_PASSPHRASE_FILE=$HOME/passphrase.txt" >> "$GITHUB_ENV" + env: + PGP_PRIVATE_KEY: "${{ secrets.PGP_PRIVATE_KEY }}" + PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" + - name: Run chart-releaser uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: From 8c295d3344dd4c09ef9c8f7b7d8e32b94250ef0b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 15:49:32 +0200 Subject: [PATCH 139/373] feat(argo-cd): Introduce chart signing (#2042) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dd40f29b9..12a1f5f07 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.1 +version: 5.32.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,6 +22,9 @@ dependencies: repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Enable to customize Service type of applicationset-controller + description: Introduce chart signing From 887f68adb1d8ab3f2a767c99a3f46618faee112b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 16:20:51 +0200 Subject: [PATCH 140/373] feat(argo-workflows): Introduce chart signing (#2044) Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0933c3d50..066adfa0a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.4 +version: 0.26.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -12,6 +12,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Create clusterWorkflowTemplates CRD only when enabled in Helm values. + - kind: added + description: Introduce chart signing From 2bd14d38b014ad1d45029c0990605d38eca960df Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Wed, 10 May 2023 15:30:17 +0100 Subject: [PATCH 141/373] chore(github): Add tico24 to codeowners (#2047) Signed-off-by: Tim Collins Co-authored-by: Aikawa --- CODEOWNERS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 9b0a95c5a..f7432a773 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,13 +2,13 @@ * @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 # Argo CD -/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil +/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 # Argo Events -/charts/argo-events/ @pdrastil @jmeridth +/charts/argo-events/ @pdrastil @jmeridth @tico24 # Argo Rollouts /charts/argo-rollouts/ @jmeridth From 083f42cdd67ab03c4e45f98b8365ebd291b27318 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 11 May 2023 00:30:57 +0900 Subject: [PATCH 142/373] feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.0 (#2039) * feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.0 Signed-off-by: yu-croco * feat(argo-rollouts): Add missing configmap for 3rd party metrics providers Signed-off-by: yu-croco * feat: Add signing information Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 11 ++- charts/argo-rollouts/README.md | 1 + .../templates/controller/configmap.yaml | 12 +++ .../templates/crds/analysis-run-crd.yaml | 70 +++++++++++++++++ .../templates/crds/analysis-template-crd.yaml | 70 +++++++++++++++++ .../crds/cluster-analysis-template-crd.yaml | 70 +++++++++++++++++ .../templates/crds/experiment-crd.yaml | 14 ++++ .../templates/crds/rollout-crd.yaml | 78 ++++++++++++++++++- charts/argo-rollouts/values.yaml | 7 ++ 9 files changed, 328 insertions(+), 5 deletions(-) create mode 100644 charts/argo-rollouts/templates/controller/configmap.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 46ca6ba73..ecdcbb391 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.4.1 +appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.27.0 +version: 2.28.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -14,6 +14,11 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Upgrade Argo Rollouts to v1.5.0 - kind: added - description: Allow extraObjects to contain string templates + description: Introduce chart signing diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 58784cf03..aaed870fd 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -85,6 +85,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml new file mode 100644 index 000000000..8eb2bbe2a --- /dev/null +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argo-rollouts-config + namespace: {{ .Release.Namespace | quote }} + labels: + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +data: + {{- with .Values.controller.metricProviderPlugins }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 70187985c..bc2e61dbc 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -188,6 +188,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -240,6 +242,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1832,6 +1879,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2579,12 +2628,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2710,6 +2768,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2717,6 +2778,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index c28461860..2c73c5c96 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -184,6 +184,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -236,6 +238,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1828,6 +1875,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2575,12 +2624,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2706,6 +2764,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2713,6 +2774,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index a00f68fe0..612608de4 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -184,6 +184,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -236,6 +238,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1828,6 +1875,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2575,12 +2624,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2706,6 +2764,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2713,6 +2774,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 86af19320..acf989351 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -159,6 +159,9 @@ spec: type: object type: object service: + properties: + name: + type: string type: object template: properties: @@ -1727,6 +1730,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2474,12 +2479,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 3f6ea7496..0fafbab35 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -163,6 +163,17 @@ spec: x-kubernetes-int-or-string: true postPromotionAnalysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -220,6 +231,17 @@ spec: type: object prePromotionAnalysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -307,6 +329,17 @@ spec: type: integer analysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -440,6 +473,17 @@ spec: properties: analysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -580,6 +624,11 @@ spec: type: string type: object type: object + service: + properties: + name: + type: string + type: object specRef: type: string weight: @@ -869,9 +918,14 @@ spec: type: string stableIngress: type: string - required: - - stableIngress + stableIngresses: + items: + type: string + type: array + type: object + plugins: type: object + x-kubernetes-preserve-unknown-fields: true smi: properties: rootService: @@ -2456,6 +2510,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -3203,12 +3259,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -3257,30 +3322,39 @@ spec: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object loadBalancer: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object stableTargetGroup: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object type: object diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 28a6f1f81..d1c91e30e 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -169,6 +169,13 @@ controller: # - mountPath: /etc/ssl/certs # name: my-certs + # -- Configures 3rd party metric providers for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/analysis/plugins/ + metricProviderPlugins: {} + # metricProviderPlugins: |- + # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + serviceAccount: # -- Specifies whether a service account should be created create: true From a487e177845c686f633b31b249e7dc7722aad8ad Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 17:45:46 +0200 Subject: [PATCH 143/373] feat(argo-events): Introduce chart signing (#2043) Signed-off-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d6ce3465a..c35d0f960 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.2 +version: 2.3.3 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -14,6 +14,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Use correct artifacthub kind and get latest chart version to artifacthub + - kind: added + description: Introduce chart signing From fc47f9baa6613ff747fda14cca0847f9b3e8b716 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 18:46:04 +0200 Subject: [PATCH 144/373] feat(argocd-image-updater): Introduce chart signing (#2046) Signed-off-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index d6ec30ef3..665f4badc 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.0 +version: 0.9.1 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -14,6 +14,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Introduce chart signing From b37a9e72a68d8fafe3cddd14cf2b3ed6722eff4a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 18:57:43 +0200 Subject: [PATCH 145/373] feat(argocd-apps): Introduce chart signing (#2045) Signed-off-by: Marco Kilchhofer Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index c8e37b3b9..0c55671d3 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.0.0 +version: 1.0.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -13,6 +13,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Changed the project field of the applicationset from a tpl function to a string. + - kind: added + description: Introduce chart signing From f6d44750b8ecf25e272b22dd78950e3ad43e0ffd Mon Sep 17 00:00:00 2001 From: PidgeyBE Date: Thu, 11 May 2023 02:09:33 +0200 Subject: [PATCH 146/373] fix(argo-workflows): Fix templating in several places (#2026) * Add artifacthub changes Signed-off-by: Peejai * fix templating list of yamls Signed-off-by: Peejai * Bump version and fix templating for gcs and azure as well Signed-off-by: Peejai --------- Signed-off-by: Peejai Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- .../workflow-controller-config-map.yaml | 20 +++++++++---------- .../workflow-controller-deployment.yaml | 2 +- .../templates/server/server-deployment.yaml | 2 +- charts/argo-workflows/values.yaml | 4 ++-- 5 files changed, 17 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 066adfa0a..3217d8e4b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.5 +version: 0.26.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Introduce chart signing + - kind: fixed + description: Fix Helm templating in S3 config and extra init containers diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 55720eb2c..d30db859c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -60,29 +60,29 @@ data: archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} {{- with .Values.artifactRepository.gcs }} - gcs: {{- toYaml . | nindent 8 }} + gcs: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} {{- with .Values.artifactRepository.azure }} - azure: {{- toYaml . | nindent 8 }} + azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: - key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} - name: {{ .Values.artifactRepository.s3.accessKeySecret.name }} + key: {{ tpl .Values.artifactRepository.s3.accessKeySecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.accessKeySecret.name . }} secretKeySecret: - key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} - name: {{ .Values.artifactRepository.s3.secretKeySecret.name }} + key: {{ tpl .Values.artifactRepository.s3.secretKeySecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.secretKeySecret.name . }} {{- end }} - bucket: {{ .Values.artifactRepository.s3.bucket }} - endpoint: {{ .Values.artifactRepository.s3.endpoint }} + bucket: {{ tpl (.Values.artifactRepository.s3.bucket | default "") . }} + endpoint: {{ tpl (.Values.artifactRepository.s3.endpoint | default "") . }} insecure: {{ .Values.artifactRepository.s3.insecure }} {{- if .Values.artifactRepository.s3.keyFormat }} keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} {{- end }} {{- if .Values.artifactRepository.s3.region }} - region: {{ .Values.artifactRepository.s3.region }} + region: {{ tpl .Values.artifactRepository.s3.region $ }} {{- end }} {{- if .Values.artifactRepository.s3.roleARN }} roleARN: {{ .Values.artifactRepository.s3.roleARN }} @@ -184,4 +184,4 @@ data: {{- end }} {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} - {{- end }} + {{- end }} \ No newline at end of file diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 4ee117b8b..c391bee80 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} {{- with .Values.controller.extraInitContainers }} initContainers: - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: controller diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index d75933ac2..b2e509677 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -38,7 +38,7 @@ spec: {{- end }} {{- with .Values.server.extraInitContainers }} initContainers: - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: argo-server diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e7e268a07..0e5af428f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -655,10 +655,10 @@ artifactRepository: # Note the `key` attribute is not the actual secret, it's the PATH to # the contents in the associated secret, as defined by the `name` attribute. accessKeySecret: - # name: -minio + name: "{{ .Release.Name }}-minio" key: accesskey secretKeySecret: - # name: -minio + name: "{{ .Release.Name }}-minio" key: secretkey # insecure will disable TLS. Primarily used for minio installs not configured with TLS insecure: false From 8402303bf8fcbf2433a9b99714f89f232c0777db Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 11 May 2023 02:39:56 +0200 Subject: [PATCH 147/373] feat(argo-cd): Add ability to add prometheus.io/scrape annotations (#2037) --- charts/argo-cd/Chart.yaml | 6 +++-- charts/argo-cd/README.md | 11 +++++++++ .../metrics.yaml | 12 ++++++++-- .../argocd-applicationset/metrics.yaml | 12 ++++++++-- .../argocd-notifications/metrics.yaml | 12 ++++++++-- .../templates/argocd-repo-server/metrics.yaml | 12 ++++++++-- .../templates/argocd-server/metrics.yaml | 12 ++++++++-- charts/argo-cd/templates/redis/metrics.yaml | 12 ++++++---- charts/argo-cd/values.yaml | 23 +++++++++++++++++++ 9 files changed, 96 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 12a1f5f07..a8d8e721e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.2 +version: 5.33.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Introduce chart signing + description: Ability to add prometheus.io/scrape annotations to all metrics services + - kind: added + description: Ability to change metrics service type and clusterIP diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 054dc2f9c..6f25e5ced 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| +| global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. | | global.additionalLabels | object | `{}` | Common labels for the all resources | | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | @@ -513,9 +514,11 @@ NAME: my-release | controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | +| controller.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | controller.metrics.service.labels | object | `{}` | Metrics service labels | | controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | controller.metrics.service.servicePort | int | `8082` | Metrics service port | +| controller.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -597,9 +600,11 @@ NAME: my-release | repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | repoServer.metrics.enabled | bool | `false` | Deploy metrics service | | repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations | +| repoServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | repoServer.metrics.service.labels | object | `{}` | Metrics service labels | | repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | repoServer.metrics.service.servicePort | int | `8084` | Metrics service port | +| repoServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -731,9 +736,11 @@ NAME: my-release | server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.metrics.enabled | bool | `false` | Deploy metrics service | | server.metrics.service.annotations | object | `{}` | Metrics service annotations | +| server.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | server.metrics.service.labels | object | `{}` | Metrics service labels | | server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | server.metrics.service.servicePort | int | `8083` | Metrics service port | +| server.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -1044,9 +1051,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | +| applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -1128,8 +1137,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | +| notifications.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | notifications.metrics.service.labels | object | `{}` | Metrics service labels | | notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | +| notifications.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 754b8490a..01b7a779c 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.controller.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.controller.metrics.service.annotations }} + {{- if or .Values.controller.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.controller.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.controller.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.controller.metrics.service.type }} + {{- if and .Values.controller.metrics.service.clusterIP (eq .Values.controller.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.controller.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index fdac0bcf3..ad26d22d4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.applicationSet.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.applicationSet.metrics.service.annotations }} + {{- if or .Values.applicationSet.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.applicationSet.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.applicationSet.metrics.service.type }} + {{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.applicationSet.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 3c30a0853..b5ce611da 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.notifications.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.notifications.metrics.service.annotations }} + {{- if or .Values.notifications.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.notifications.metrics.port | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.notifications.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.notifications.metrics.service.type }} + {{- if and .Values.notifications.metrics.service.clusterIP (eq .Values.notifications.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.notifications.metrics.service.clusterIP }} + {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index b2be38eeb..514595a24 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.repoServer.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.repoServer.metrics.service.annotations }} + {{- if or .Values.repoServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.repoServer.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.repoServer.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.repoServer.metrics.service.type }} + {{- if and .Values.repoServer.metrics.service.clusterIP (eq .Values.repoServer.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.repoServer.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.repoServer.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index 3a9f46f71..3844820e6 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.server.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.server.metrics.service.annotations }} + {{- if or .Values.server.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.server.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.server.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.server.metrics.service.type }} + {{- if and .Values.server.metrics.service.clusterIP (eq .Values.server.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.server.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.server.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index db5262855..67b4c3ac4 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -10,16 +10,20 @@ metadata: {{- with .Values.redis.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.redis.metrics.service.annotations }} + {{- if or .Values.redis.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.redis.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.redis.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: type: {{ .Values.redis.metrics.service.type }} - {{- with .Values.redis.metrics.service.clusterIP }} - clusterIP: {{ . }} + {{- if and .Values.redis.metrics.service.clusterIP (eq .Values.redis.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.redis.metrics.service.clusterIP }} {{- end }} ports: - name: {{ .Values.redis.metrics.service.portName }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3f95a663d..9ee41698c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -79,6 +79,9 @@ global: # -- Labels for the all deployed pods podLabels: {} + # -- Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. + addPrometheusAnnotations: false + # -- Toggle and define pod-level security context. # @default -- `{}` (See [values.yaml]) securityContext: {} @@ -762,6 +765,10 @@ controller: # -- Additional labels labels: [] service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -1773,6 +1780,10 @@ server: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2241,6 +2252,10 @@ repoServer: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2394,6 +2409,10 @@ applicationSet: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2715,6 +2734,10 @@ notifications: # -- Metrics port port: 9001 service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels From 5873a1bc331e37c9500e4337d2ad2deca2fd8c80 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Thu, 11 May 2023 08:39:17 +0200 Subject: [PATCH 148/373] feat(argo-workflows): allow extraObjects to contain string template (#1995) [argo-workflows] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3217d8e4b..9b2324219 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.6 +version: 0.27.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix Helm templating in S3 config and extra init containers + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-workflows/templates/extra-manifests.yaml +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 1492e23522339e07e281aed0c7e659ce6a9d2189 Mon Sep 17 00:00:00 2001 From: Jonas Eilers <133217951+jdvgh@users.noreply.github.com> Date: Thu, 11 May 2023 16:06:46 +0200 Subject: [PATCH 149/373] feat(argo-cd): Add ability to add additional labels to all CRDs (#2051) feat(argo-cd): Add ability to add additional labels to all CRDs via .Values.crds.additionalLabels Signed-off-by: jdvgh <133217951+jdvgh@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/crds/crd-application.yaml | 3 +++ charts/argo-cd/templates/crds/crd-applicationset.yaml | 3 +++ charts/argo-cd/templates/crds/crd-extension.yaml | 3 +++ charts/argo-cd/templates/crds/crd-project.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 7 files changed, 17 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a8d8e721e..b199884ea 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.0 +version: 5.33.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Ability to add prometheus.io/scrape annotations to all metrics services - - kind: added - description: Ability to change metrics service type and clusterIP + description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6f25e5ced..34879a2ab 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -379,6 +379,7 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 5bb7bfb3e..cbb480e65 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: applications.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: applications.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index f9bfde6c6..ad35b0628 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: applicationsets.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: applicationsets.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml index 802f0e8cc..30fbce70b 100644 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ b/charts/argo-cd/templates/crds/crd-extension.yaml @@ -13,6 +13,9 @@ metadata: labels: app.kubernetes.io/name: argocdextensions.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: argocdextensions.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index 81e57d820..0a6da4f0f 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: appprojects.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: appprojects.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9ee41698c..78e3c518e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -38,6 +38,8 @@ crds: keep: true # -- Annotations to be added to all CRDs annotations: {} + # -- Addtional labels to be added to all CRDs + additionalLabels: {} ## Globally shared configuration global: From 5dd7ae964d01eba826202107426fa3a6b3c62b57 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 13 May 2023 00:19:03 +0900 Subject: [PATCH 150/373] chore(argo-cd): Upgrade Argo CD to v2.7.2 (#2054) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b199884ea..8e6211ca2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.1 +appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.1 +version: 5.33.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels + - kind: changed + description: Upgrade Argo CD to v2.7.2 From 6564b4453893d2a2498eed83ef5968cb65578368 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 13 May 2023 20:01:19 +0900 Subject: [PATCH 151/373] feat(argo-cd): Enable to add certificate to ApplicationSet Controller (#2052) * feat(argo-cd): Add ability to add certificate to Argo CD Controller Signed-off-by: yu-croco * fix(argo-cd): Add Certificate to right component Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 13 +++++++ .../argocd-applicationset/certificate.yaml | 33 ++++++++++++++++ charts/argo-cd/values.yaml | 39 +++++++++++++++++++ 4 files changed, 88 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/certificate.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e6211ca2..5eb9ac9ee 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.2 +version: 5.33.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.2 + - kind: added + description: Enable to add certificate to ApplicationSet Controller diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 34879a2ab..4519caec7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1024,6 +1024,19 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | +| applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | +| applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | +| applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | +| applicationSet.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | +| applicationSet.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` | +| applicationSet.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | +| applicationSet.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | +| applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | +| applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | +| applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | +| applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml new file mode 100644 index 000000000..505a70fc8 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -0,0 +1,33 @@ +{{- if .Values.applicationSet.certificate.enabled -}} +apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +kind: Certificate +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + secretName: {{ .Values.applicationSet.certificate.secretName }} + commonName: {{ .Values.applicationSet.certificate.domain | quote }} + dnsNames: + - {{ .Values.applicationSet.certificate.domain | quote }} + {{- range .Values.applicationSet.certificate.additionalHosts }} + - {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.duration }} + duration: {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} + issuerRef: + {{- with .Values.applicationSet.certificate.issuer.group }} + group: {{ . | quote }} + {{- end }} + kind: {{ .Values.applicationSet.certificate.issuer.kind | quote }} + name: {{ .Values.applicationSet.certificate.issuer.name | quote }} + {{- with .Values.applicationSet.certificate.privateKey }} + privateKey: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 78e3c518e..2ad1b9181 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2623,6 +2623,45 @@ applicationSet: # hosts: # - argocd-applicationset.example.com + # TLS certificate configuration via cert-manager + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-configuration + certificate: + # -- Deploy a Certificate resource (requires cert-manager) + enabled: false + # -- The name of the Secret that will be automatically created and managed by this Certificate resource + secretName: argocd-application-controller-tls + # -- Certificate primary domain (commonName) + domain: argocd.example.com + # -- Certificate Subject Alternate Names (SANs) + additionalHosts: [] + # -- The requested 'duration' (i.e. lifetime) of the certificate. + # @default -- `""` (defaults to 2160h = 90d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal + duration: "" + # -- How long before the expiry a certificate should be renewed. + # @default -- `""` (defaults to 360h = 15d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal + renewBefore: "" + # Certificate issuer + ## Ref: https://cert-manager.io/docs/concepts/issuer + issuer: + # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` + group: "" + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate issuer name. Eg. `letsencrypt` + name: "" + # Private key of the certificate + privateKey: + # -- Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` + rotationPolicy: Never + # -- The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` + encoding: PKCS1 + # -- Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` + algorithm: RSA + # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. + size: 2048 + ## Notifications controller notifications: # -- Enable notifications controller From 6b09ff82e05e808010f12ba277b268c3c21446c9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 13 May 2023 13:25:33 +0200 Subject: [PATCH 152/373] fix(github): Don't run Scorecard analysis on forked repos (#2057) Signed-off-by: Marco Kilchhofer --- .github/workflows/scorecard.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 66e1d5ee9..7059cc34d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -19,6 +19,7 @@ permissions: read-all jobs: analysis: + if: github.repository_owner == 'argoproj' name: Scorecard analysis runs-on: ubuntu-latest permissions: From 5dfed33a5668f1a18dde26417b69806d5c3e7ac6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 May 2023 20:32:52 +0900 Subject: [PATCH 153/373] chore(deps): bump actions/checkout from 3.1.0 to 3.5.2 (#2056) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.1.0...8e5e7e5ab8b370d6c329ec480221332ada57f0ab) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7059cc34d..7f5cbfa57 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: persist-credentials: false From 1a5ee8eb352579bd81dfc3a14ef03f6604ad0b1b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 16 May 2023 18:23:59 +0900 Subject: [PATCH 154/373] chore(argo-cd): Update redis-ha to v4.23.0 (#2058) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index e21296c6c..edd5df2b9 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.5 -digest: sha256:d2e927511e515fb862f23dd413ee3a356c855d808f6f9ad1d345ee62b8c7ea16 -generated: "2023-03-30T08:25:32.738257836+02:00" + version: 4.23.0 +digest: sha256:589f9972fbdf36194d443c9d3be2a1747f43e03c435fc48004cc0cbe6b3c6e3c +generated: "2023-05-15T19:25:26.049618+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5eb9ac9ee..6b8ec29da 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.3 +version: 5.33.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.5 + version: 4.23.0 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Enable to add certificate to ApplicationSet Controller + - kind: changed + description: Update redis-ha to v4.23.0 From 05bc6a236dfafa88bf2366d47709dd8b1748a13c Mon Sep 17 00:00:00 2001 From: GoshaDozoretz <106976988+gosharo@users.noreply.github.com> Date: Wed, 17 May 2023 16:40:18 +0300 Subject: [PATCH 155/373] feat(argo-cd): add lifecycle hooks to repo server (#1922) * add lifesycle webhook to repo server Signed-off-by: goshado * add lifesycle webhook to repo server Signed-off-by: goshado * add lifesycle webhook to repo server Signed-off-by: goshado --------- Signed-off-by: goshado Signed-off-by: GoshaDozoretz <106976988+gosharo@users.noreply.github.com> Co-authored-by: goshado --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6b8ec29da..32dcb776a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.4 +version: 5.34.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update redis-ha to v4.23.0 + - kind: added + description: Add lifecycle webhook to repo server. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4519caec7..1fa388ed5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -594,6 +594,7 @@ NAME: my-release | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | | repoServer.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | +| repoServer.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-repo-server container | | repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | repoServer.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 0226b48fc..4f2c45bdb 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -275,6 +275,10 @@ spec: {{- toYaml .Values.repoServer.resources | nindent 10 }} securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- with .Values.repoServer.lifecycle }} + lifecycle: + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2ad1b9181..c304de7ef 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2059,6 +2059,9 @@ repoServer: # - secretRef: # name: secret-name + # -- Specify postStart and preStop lifecycle hooks for your argo-repo-server container + lifecycle: {} + # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates From 7347a5d78162a4d7abf5efbb27bd0327905c2c91 Mon Sep 17 00:00:00 2001 From: Jonas Eilers <133217951+jdvgh@users.noreply.github.com> Date: Wed, 17 May 2023 16:24:43 +0200 Subject: [PATCH 156/373] feat(argo-cd): Add new BitbucketCloud ssh keys in values.yaml (#2062) feat: Add new BitbucketCloud ssh keys Update configs.ssh.kownHosts in charts/argo-cd/values.yaml to match new SSHKeys from https://bitbucket.org/site/ssh (as of May 17th, 2023) Signed-off-by: jdvgh <133217951+jdvgh@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32dcb776a..0c7a2d5cb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.0 +version: 5.34.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add lifecycle webhook to repo server. + description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c304de7ef..2906eb82b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -315,6 +315,8 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl From c3cfd49e9679df03e37f963fcb64c6d5375572d5 Mon Sep 17 00:00:00 2001 From: Joe Lee Date: Fri, 19 May 2023 17:35:00 +0800 Subject: [PATCH 157/373] feat(argocd-apps): Generate application, applicationset, project with template (#2025) * add template for application Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * add example for applicationsetTemplates Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * merge each of items into one Signed-off-by: Joe Lee * update readme Signed-off-by: Joe Lee * update doc Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * add template for application Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * merge each of items into one Signed-off-by: Joe Lee * move itemTemplates to new file Signed-off-by: Joe Lee * discard change for applications.yaml Signed-off-by: Joe Lee --------- Signed-off-by: Joe Lee --- charts/argocd-apps/Chart.yaml | 4 +- charts/argocd-apps/README.md | 1 + charts/argocd-apps/ci/item-templates.yaml | 61 +++++++++++++++++ .../argocd-apps/templates/item-templates.yaml | 15 +++++ charts/argocd-apps/values.yaml | 65 +++++++++++++++++++ 5 files changed, 144 insertions(+), 2 deletions(-) create mode 100644 charts/argocd-apps/ci/item-templates.yaml create mode 100644 charts/argocd-apps/templates/item-templates.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 0c55671d3..6d0a194fe 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.0.1 +version: 1.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Introduce chart signing + description: Generate application, applicationset, project with template diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index bc0d0685d..0e5bbbe25 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -31,6 +31,7 @@ $ helm install my-release argo/argocd-apps | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | | applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | | extensions | list | `[]` (See [values.yaml]) | Deploy Argo UI Extensions within this helm release | +| itemTemplates | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications/ApplicationSets/Projects within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ---------------------------------------------- diff --git a/charts/argocd-apps/ci/item-templates.yaml b/charts/argocd-apps/ci/item-templates.yaml new file mode 100644 index 000000000..8a08c684e --- /dev/null +++ b/charts/argocd-apps/ci/item-templates.yaml @@ -0,0 +1,61 @@ +itemTemplates: + - items: + - name: my-appset + generators: &generators + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + - cluster: engineering-prod + url: https://2.4.6.8 + - cluster: finance-preprod + url: https://9.8.7.6 + template: + apiVersion: argoproj.io/v1alpha1 + kind: ApplicationSet + metadata: + name: "{{ .name }}" + spec: + generators: *generators + template: + metadata: + name: "{{`{{cluster}}`}}-guestbook" + spec: + project: my-project + source: + repoURL: https://github.com/infra-team/cluster-deployments.git + targetRevision: HEAD + path: guestbook/{{`{{cluster}}`}} + destination: + server: "{{`{{cluster}}`}}" + namespace: guestbook + - items: + - name: my-appset + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + - cluster: engineering-prod + url: https://2.4.6.8 + - cluster: finance-preprod + url: https://9.8.7.6 + template: |- + apiVersion: argoproj.io/v1alpha1 + kind: ApplicationSet + metadata: + name: {{ .name }} + spec: + generators: {{ toYaml .generators | nindent 4 }} + template: + metadata: + name: '{{`{{cluster}}`}}-guestbook' + spec: + project: my-project + source: + repoURL: https://github.com/infra-team/cluster-deployments.git + targetRevision: HEAD + path: guestbook/{{`{{cluster}}`}} + destination: + server: '{{`{{cluster}}`}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/item-templates.yaml b/charts/argocd-apps/templates/item-templates.yaml new file mode 100644 index 000000000..a209cc2ae --- /dev/null +++ b/charts/argocd-apps/templates/item-templates.yaml @@ -0,0 +1,15 @@ +{{- range .Values.itemTemplates }} +{{- if kindIs "string" .template }} +{{- $template := .template -}} +{{- range .items }} +--- +{{ tpl $template (set . "Template" $.Template) }} +{{- end }} +{{- else }} +{{- $template := .template | toYaml -}} +{{- range .items }} +--- +{{ tpl $template (set . "Template" $.Template) }} +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index eb0767b95..72301ace4 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -133,6 +133,71 @@ applicationsets: [] # # Set Application finalizer # preserveResourcesOnDeletion: false +# -- Deploy Argo CD Applications/ApplicationSets/Projects within this helm release +# @default -- `[]` (See [values.yaml]) +## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/ +itemTemplates: [] +# - items: +# - name: my-appset +# generators: &generators +# - list: +# elements: +# - cluster: engineering-dev +# url: https://1.2.3.4 +# - cluster: engineering-prod +# url: https://2.4.6.8 +# - cluster: finance-preprod +# url: https://9.8.7.6 +# template: +# apiVersion: argoproj.io/v1alpha1 +# kind: ApplicationSet +# metadata: +# name: "{{ .name }}" +# spec: +# generators: *generators +# template: +# metadata: +# name: "{{`{{cluster}}`}}-guestbook" +# spec: +# project: my-project +# source: +# repoURL: https://github.com/infra-team/cluster-deployments.git +# targetRevision: HEAD +# path: guestbook/{{`{{cluster}}`}} +# destination: +# server: "{{`{{cluster}}`}}" +# namespace: guestbook +# - items: +# - name: my-appset +# generators: +# - list: +# elements: +# - cluster: engineering-dev +# url: https://1.2.3.4 +# - cluster: engineering-prod +# url: https://2.4.6.8 +# - cluster: finance-preprod +# url: https://9.8.7.6 +# template: |- +# apiVersion: argoproj.io/v1alpha1 +# kind: ApplicationSet +# metadata: +# name: {{ .name }} +# spec: +# generators: {{ toYaml .generators | nindent 4 }} +# template: +# metadata: +# name: '{{`{{cluster}}`}}-guestbook' +# spec: +# project: my-project +# source: +# repoURL: https://github.com/infra-team/cluster-deployments.git +# targetRevision: HEAD +# path: guestbook/{{`{{cluster}}`}} +# destination: +# server: '{{`{{cluster}}`}}' +# namespace: guestbook + # -- Deploy Argo UI Extensions within this helm release # @default -- `[]` (See [values.yaml]) ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. From 5766533626cadb5a29c46bd3a6c513da7ca30bea Mon Sep 17 00:00:00 2001 From: Julien Michaud <103417499+julien-michaud@users.noreply.github.com> Date: Fri, 19 May 2023 12:35:33 +0200 Subject: [PATCH 158/373] feat(argo-workflows): support google ManagedCertificate, FrontendConfig & BackendConfig for gce ingress (#2066) * feat: add gke stuff Signed-off-by: julien.michaud * update readme and chart.yaml file Signed-off-by: julien.michaud * fix readme Signed-off-by: julien.michaud * docs: Apply changes from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: julien.michaud Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 8 +++-- charts/argo-workflows/README.md | 9 +++++ charts/argo-workflows/README.md.gotmpl | 2 ++ charts/argo-workflows/templates/_helpers.tpl | 13 +++++++ .../templates/server/gke/backendconfig.yaml | 11 ++++++ .../templates/server/gke/frontendconfig.yaml | 11 ++++++ .../server/gke/managedcertificate.yaml | 12 +++++++ charts/argo-workflows/values.yaml | 36 +++++++++++++++++++ 8 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/server/gke/backendconfig.yaml create mode 100644 charts/argo-workflows/templates/server/gke/frontendconfig.yaml create mode 100644 charts/argo-workflows/templates/server/gke/managedcertificate.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 9b2324219..84e49d849 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.27.0 +version: 0.28.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,8 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Allow extraObjects to contain string templates + description: Add support for Google ManagedCertificate on GKE + - kind: added + description: Add support for Google FrontendConfig on GKE + - kind: added + description: Add support for Google BackendConfig on GKE diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 1dbfc155c..b5612a169 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -102,6 +102,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | +| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | @@ -240,6 +241,12 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| server.GKEbackendConfig.enabled | bool | `false` | Enable BackendConfig custom resource for Google Kubernetes Engine | +| server.GKEbackendConfig.spec | object | `{}` | [BackendConfigSpec] | +| server.GKEfrontendConfig.enabled | bool | `false` | Enable FrontConfig custom resource for Google Kubernetes Engine | +| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | +| server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | +| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | @@ -333,6 +340,8 @@ Fields to note: 1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 398a8788e..ab8554f51 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -188,6 +188,8 @@ Fields to note: 1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f302f0da2..f81e6fc45 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -166,3 +166,16 @@ Return the appropriate apiVersion for autoscaling {{- print "autoscaling/v2" -}} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for GKE resources +*/}} +{{- define "argo-workflows.apiVersions.cloudgoogle" -}} +{{- if .Values.apiVersionOverrides.cloudgoogle -}} +{{- print .Values.apiVersionOverrides.cloudgoogle -}} +{{- else if .Capabilities.APIVersions.Has "cloud.google.com/v1" -}} +{{- print "cloud.google.com/v1" -}} +{{- else -}} +{{- print "cloud.google.com/v1beta1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/gke/backendconfig.yaml b/charts/argo-workflows/templates/server/gke/backendconfig.yaml new file mode 100644 index 000000000..4597db3d0 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/backendconfig.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEbackendConfig.enabled }} +apiVersion: {{ include "argo-workflows.apiVersions.cloudgoogle" . }} +kind: BackendConfig +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/gke/frontendconfig.yaml b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml new file mode 100644 index 000000000..6b81c9230 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEfrontendConfig.enabled }} +apiVersion: networking.gke.io/v1beta1 +kind: FrontendConfig +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEfrontendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/gke/managedcertificate.yaml b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml new file mode 100644 index 000000000..b77c31311 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml @@ -0,0 +1,12 @@ +{{- if .Values.server.GKEmanagedCertificate.enabled }} +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +spec: + domains: + {{- with .Values.server.GKEmanagedCertificate.domains }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0e5af428f..b65fd4f87 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -33,6 +33,8 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 + # -- String to override apiVersion of GKE resources rendered by this helm chart + cloudgoogle: "" # cloud.google.com/v1 # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster @@ -576,6 +578,40 @@ server: # hosts: # - argoworkflows.example.com + ## Create a Google Backendconfig for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_backendconfig_parameters + GKEbackendConfig: + # -- Enable BackendConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [BackendConfigSpec] + spec: {} + # spec: + # iap: + # enabled: true + # oauthclientCredentials: + # secretName: argoworkflows-secret + + ## Create a Google Managed Certificate for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs + GKEmanagedCertificate: + # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. + enabled: false + # -- Domains for the Google Managed Certificate + domains: + - argoworkflows.example.com + + ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + GKEfrontendConfig: + # -- Enable FrontConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [FrontendConfigSpec] + spec: {} + # spec: + # redirectToHttps: + # enabled: true + # responseCodeName: RESPONSE_CODE + clusterWorkflowTemplates: # -- Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. enabled: true From b651465fb23e4c252ec0391f2edbaa41fe2742f2 Mon Sep 17 00:00:00 2001 From: Yevhen Tienkaiev Date: Sat, 20 May 2023 18:39:17 +0300 Subject: [PATCH 159/373] feat(argo-rollouts): Add possibility to configure healthz and metrics ports to be compatible with Istio (#1976) --- charts/argo-rollouts/Chart.yaml | 6 ++---- charts/argo-rollouts/README.md | 4 ++++ .../templates/controller/deployment.yaml | 6 ++++-- .../templates/controller/metrics-service.yaml | 6 +++--- .../templates/controller/servicemonitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 12 ++++++++++++ 6 files changed, 26 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ecdcbb391..756734d17 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.28.0 +version: 2.29.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,7 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v1.5.0 - kind: added - description: Introduce chart signing + description: Ability to configure healthz and metrics ports to be compatible with Istio diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index aaed870fd..70a617458 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -75,6 +75,8 @@ For full list of changes please check ArtifactHub [changelog]. | containerSecurityContext | object | `{}` | Security Context to set on container level | | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.containerPorts.healthz | int | `8080` | Healthz container port | +| controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | @@ -87,6 +89,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.port | int | `8090` | Metrics service port | +| controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 95ec845fc..a40dd9ed8 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -37,6 +37,8 @@ spec: containers: - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}" args: + - --healthzPort={{ .Values.controller.containerPorts.healthz }} + - --metricsport={{ .Values.controller.containerPorts.metrics }} {{- if not .Values.clusterInstall }} - --namespaced {{- end }} @@ -53,9 +55,9 @@ spec: imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: argo-rollouts ports: - - containerPort: 8090 + - containerPort: {{ .Values.controller.containerPorts.metrics }} name: metrics - - containerPort: 8080 + - containerPort: {{ .Values.controller.containerPorts.healthz }} name: healthz livenessProbe: {{- toYaml .Values.controller.livenessProbe | nindent 10 }} diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index 0effcc23b..e04d326a8 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -13,10 +13,10 @@ metadata: {{- end }} spec: ports: - - name: metrics + - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP - port: 8090 - targetPort: 8090 + port: {{ .Values.controller.metrics.service.port }} + targetPort: metrics selector: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index cb489e3b9..62713764e 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.controller.metrics.service.portName }} {{- with .Values.controller.metrics.serviceMonitor.relabelings }} relabelings: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index d1c91e30e..2ea4fbb45 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -106,9 +106,21 @@ controller: # -- flag to enable creation of cluster controller role (requires cluster RBAC) createClusterRole: true + # Controller container ports + containerPorts: + # -- Metrics container port + metrics: 8090 + # -- Healthz container port + healthz: 8080 + metrics: # -- Deploy metrics service enabled: false + service: + # -- Metrics service port name + portName: metrics + # -- Metrics service port + port: 8090 serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From be8a4c97293de9a0e13040f7dadd57556157bd6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 May 2023 11:07:08 +0900 Subject: [PATCH 160/373] chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#2067) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.5.0 to 1.7.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00...fa81e57adff234b2908110485695db0f181f3c67) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 90106fc90..e7e35f8a9 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0 + uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 650a9ec7effbc920043a623c8deaba89a110c199 Mon Sep 17 00:00:00 2001 From: Khue Doan Date: Sun, 21 May 2023 14:19:31 +0700 Subject: [PATCH 161/373] feat(argocd-apps): Add rollout strategy for ApplicationSet (#2063) feat(argocd-apps): add rollout strategy for ApplicationSet Signed-off-by: Khue Doan --- charts/argocd-apps/Chart.yaml | 4 +- ...licationsets-progressive-syncs-values.yaml | 41 +++++++++++++++++++ .../templates/applicationsets.yaml | 4 ++ charts/argocd-apps/values.yaml | 20 ++++++++- 4 files changed, 66 insertions(+), 3 deletions(-) create mode 100644 charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 6d0a194fe..fc733b22f 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.1.0 +version: 1.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Generate application, applicationset, project with template + description: Rollout strategy for ApplicationSet diff --git a/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml new file mode 100644 index 000000000..2fa589788 --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml @@ -0,0 +1,41 @@ +# Test applicationsets with Progressive Syncs + +applicationsets: +- name: applicationset-progressive-syncs + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + env: env-dev + - cluster: engineering-prod + url: https://9.8.7.6/ + env: env-prod + strategy: + type: RollingSync + rollingSync: + steps: + - matchExpressions: + - key: envLabel + operator: In + values: + - env-dev + - matchExpressions: + - key: envLabel + operator: In + values: + - env-prod + template: + metadata: + name: '{{.cluster}}-guestbook' + labels: + envLabel: '{{.env}}' + spec: + project: my-project + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook/{{.cluster}} + destination: + server: '{{.url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index bb8b09d1c..0d3a47e92 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -26,6 +26,10 @@ spec: generators: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .syncPolicy }} syncPolicy: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 72301ace4..500849df7 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -103,10 +103,28 @@ applicationsets: [] # directories: # - path: guestbook # - path: kustomize-* +# # Progressive Syncs is an experimental feature and it must be explicitly enabled +# # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Progressive-Syncs/#enabling-progressive-syncs +# strategy: +# type: RollingSync +# rollingSync: +# steps: +# - matchExpressions: +# - key: project +# operator: In +# values: +# - guestbook +# - matchExpressions: +# - key: project +# operator: In +# values: +# - kustomize-foo +# - kustomize-bar # template: # metadata: # name: '{{path.basename}}' -# labels: {} +# labels: +# project: '{{path.basename}}' # annotations: {} # spec: # project: default From 1d999e055266f05639cd81a3e1b4cb7859006794 Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Mon, 22 May 2023 19:07:09 +0200 Subject: [PATCH 162/373] fix(argo-cd): don't request applicationsets if its disabled (#2069) * don't request applicationsets if its disabled Signed-off-by: Wim Fournier * Update Chart.yaml Signed-off-by: Wim Fournier --------- Signed-off-by: Wim Fournier --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0c7a2d5cb..d5bdb82fd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.1 +version: 5.34.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts + - kind: fixed + description: don't request applicationSets in the role, if applicationSets are disabled diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index f156bc187..6bfe32a49 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -23,7 +23,9 @@ rules: - argoproj.io resources: - applications + {{- if .Values.applicationSet.enabled }} - applicationsets + {{- end }} - appprojects {{- if .Values.server.extensions.enabled }} - argocdextensions From 6593901daf722c10f9b089a078cd9a7f88c1c2a5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 23 May 2023 11:46:53 +0900 Subject: [PATCH 163/373] fix(argo-cd): Align with upstream dex initContainers (#2070) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5bdb82fd..72042538c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.2 +version: 5.34.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: don't request applicationSets in the role, if applicationSets are disabled + description: Align with upstream dex initContainers diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 6ae171706..2acf4242b 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -136,7 +136,7 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - args: + command: - /bin/cp - -n - /usr/local/bin/argocd From feb7fc0bb8b2a33f0b7fc5772d597eb67775f977 Mon Sep 17 00:00:00 2001 From: Michael Weber Date: Tue, 23 May 2023 02:07:34 -0500 Subject: [PATCH 164/373] feat(argo-rollouts): add deployment annotations for controller (#2048) * feat(argo-rollouts): deployment annotations for controller, dashboard Signed-off-by: Michael Weber * chore: Apply changes from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Michael Weber Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 6 ++++++ charts/argo-rollouts/values.yaml | 8 ++++++++ 5 files changed, 25 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 756734d17..8d87d142b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.29.0 +version: 2.30.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Ability to configure healthz and metrics ports to be compatible with Istio + description: ability to annotate controller Deployment diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 70a617458..a7f8a0607 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -49,6 +49,7 @@ For full list of changes please check ArtifactHub [changelog]. | createClusterAggregateRoles | bool | `true` | flag to enable creation of cluster aggregate roles (requires cluster RBAC) | | extraObjects | list | `[]` | Additional manifests to deploy within the chart. A list of objects. | | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | +| global.deploymentAnnotations | object | `{}` | Annotations for all deployed Deployments | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | @@ -78,6 +79,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.containerPorts.healthz | int | `8080` | Healthz container port | | controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | +| controller.deploymentAnnotations | object | `{}` | Annotations to be added to the controller deployment | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | | controller.extraEnv | list | `[]` | Additional environment variables for rollouts-controller. A list of name/value maps. | @@ -127,6 +129,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | | dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | | dashboard.createClusterRole | bool | `true` | flag to enable creation of dashbord cluster role (requires cluster RBAC) | +| dashboard.deploymentAnnotations | object | `{}` | Annotations to be added to the dashboard deployment | | dashboard.enabled | bool | `false` | Deploy dashboard server | | dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | | dashboard.extraEnv | list | `[]` | Additional environment variables for rollouts-dashboard. A list of name/value maps. | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index a40dd9ed8..966491c85 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.controller.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-rollouts.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 342e19968..cae248881 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dashboard.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-rollouts.fullname" . }}-dashboard namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 2ea4fbb45..6a533eaf8 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -38,9 +38,15 @@ extraObjects: [] # api-key: # app-key: +global: + # -- Annotations for all deployed Deployments + deploymentAnnotations: {} + controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller + # -- Annotations to be added to the controller deployment + deploymentAnnotations: {} # -- Annotations to be added to application controller pods podAnnotations: {} # -- [Node selector] @@ -253,6 +259,8 @@ dashboard: readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard + # -- Annotations to be added to the dashboard deployment + deploymentAnnotations: {} # -- Annotations to be added to application dashboard pods podAnnotations: {} # -- [Node selector] From cd4c291e47f0e9c1184fb05e79d9f3b742195c5c Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Tue, 23 May 2023 22:29:26 +0200 Subject: [PATCH 165/373] fix(argo-cd): Allow to disable containerSecurityContext (#2072) * Allow to disable containerSecurityContext Add a `enabled` property to allow the whole containerSecurityContext to be disabled. Fixes https://github.com/argoproj/argo-helm/issues/2071 Signed-off-by: wim.fournier Signed-off-by: Wim Fournier * fix missing space Signed-off-by: Wim Fournier * remove enabled key Signed-off-by: Wim Fournier * fix typo Signed-off-by: Wim Fournier * missed one Signed-off-by: Wim Fournier * simplify using `with`, thx @pborn-ionos! Signed-off-by: wim.fournier * missed one Signed-off-by: wim.fournier --------- Signed-off-by: wim.fournier Signed-off-by: Wim Fournier Signed-off-by: wim.fournier Co-authored-by: wim.fournier --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/statefulset.yaml | 4 +++- .../templates/argocd-applicationset/deployment.yaml | 4 +++- .../templates/argocd-notifications/deployment.yaml | 4 +++- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/templates/argocd-server/deployment.yaml | 8 ++++++-- charts/argo-cd/templates/dex/deployment.yaml | 8 ++++++-- charts/argo-cd/templates/redis/deployment.yaml | 8 ++++++-- 8 files changed, 32 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72042538c..17f73eb4e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.3 +version: 5.34.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Align with upstream dex initContainers + description: Allow to disable containerSecurityContext diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index c56bf0b33..26b9d2f59 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -255,8 +255,10 @@ spec: failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.containerSecurityContext }} securityContext: - {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} workingDir: /home/argocd volumeMounts: {{- with .Values.controller.volumeMounts }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 9033f5b47..f3ce127a2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -182,8 +182,10 @@ spec: {{- end }} resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} + {{- with .Values.applicationSet.containerSecurityContext }} securityContext: - {{- toYaml .Values.applicationSet.containerSecurityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: {{- with .Values.applicationSet.extraVolumeMounts }} {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d49944fdc..d3f21b02a 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -80,8 +80,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.notifications.resources | nindent 12 }} + {{- with .Values.notifications.containerSecurityContext }} securityContext: - {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} workingDir: /app volumeMounts: - name: tls-certs diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 4f2c45bdb..759dc587b 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -273,8 +273,10 @@ spec: failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.repoServer.resources | nindent 10 }} + {{- with .Values.repoServer.containerSecurityContext }} securityContext: - {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7ce72e800..62436af7f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -334,8 +334,10 @@ spec: failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.server.resources | nindent 10 }} + {{- with .Values.server.containerSecurityContext }} securityContext: - {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.server.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} @@ -346,8 +348,10 @@ spec: imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} resources: {{- toYaml .Values.server.extensions.resources | nindent 10 }} + {{- with .Values.server.extensions.containerSecurityContext }} securityContext: - {{- toYaml .Values.server.extensions.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: - name: extensions mountPath: /tmp/extensions/ diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 2acf4242b..c623315f7 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -117,8 +117,10 @@ spec: {{- end }} resources: {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.containerSecurityContext }} securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: {{- with .Values.dex.volumeMounts }} {{- toYaml . | nindent 8 }} @@ -148,8 +150,10 @@ spec: name: dexconfig resources: {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.containerSecurityContext }} securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.dex.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index fc0bebbdc..bfe7c4807 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -75,8 +75,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} + {{- with .Values.redis.containerSecurityContext }} securityContext: - {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.redis.volumeMounts }} volumeMounts: {{- toYaml . | nindent 10 }} @@ -99,8 +101,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.exporter.resources | nindent 10 }} + {{- with .Values.redis.exporter.containerSecurityContext }} securityContext: - {{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- end }} {{- with .Values.redis.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} From a0d45ae19ab29cd4acb61841629b40f12cf83a68 Mon Sep 17 00:00:00 2001 From: Alex Street Date: Wed, 24 May 2023 18:23:12 -0500 Subject: [PATCH 166/373] chore(argo-cd): Upgrade Argo CD to v2.7.3 (#2075) Signed-off-by: leif013 --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17f73eb4e..423dbb441 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.2 +appVersion: v2.7.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.4 +version: 5.34.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Allow to disable containerSecurityContext + - kind: changed + description: Upgrade Argo CD to v2.7.3 From 23b94151c6f3120834167e280016e6fff5949e74 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 25 May 2023 21:30:48 +0900 Subject: [PATCH 167/373] chore(argo-workflows): Enable to configure Service Monitor port (#2076) --- charts/argo-workflows/Chart.yaml | 10 +++------- .../controller/workflow-controller-servicemonitor.yaml | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 84e49d849..0a0018c2a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.0 +version: 0.28.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,9 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for Google ManagedCertificate on GKE - - kind: added - description: Add support for Google FrontendConfig on GKE - - kind: added - description: Add support for Google BackendConfig on GKE + - kind: changed + description: Enable to configure Service Monitor port diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index e5e8307fa..6643d6342 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -12,7 +12,7 @@ metadata: spec: endpoints: {{- if .Values.controller.metricsConfig.enabled }} - - port: metrics + - port: {{ .Values.controller.metricsConfig.servicePortName }} path: {{ .Values.controller.metricsConfig.path }} interval: 30s {{- with .Values.controller.metricsConfig.relabelings }} From cf3a8eed84ac537f0377daf230a6e5e9a8682874 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 25 May 2023 23:19:03 -0500 Subject: [PATCH 168/373] chore(argo-workflows): upgrade argo workflows to v3.4.8 (#2077) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0a0018c2a..6ac0cf5c5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.7 +appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.1 +version: 0.28.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Enable to configure Service Monitor port + description: Upgrade to Argo Workflows v3.4.8 From 2fbc8566375194009ed491d015f3c78b5b094aba Mon Sep 17 00:00:00 2001 From: Tal Yitzhak Date: Sat, 27 May 2023 17:51:41 +0300 Subject: [PATCH 169/373] feat(argo-rollouts): Fix cluster role missing access in argo rollouts dashboard (#2081) * docs(github): comment out notational pieces of PR template (#1969) github: comment out notational pieces of PR template - the DCO and publishing sentences are not filled out during PRs and are purely notational - comment them out with HTML comments, as is common practice - example from a repo I maintain: https://github.com/ezolenko/rollup-plugin-typescript2/blob/f6db59613a66f58c48310aa8fa785951970b5d6d/.github/issue_template.md?plain=1#L2 - I copied that from other repos too - these comments are still visible to the PR author, just not visible when rendered, keeping the PR more concise Signed-off-by: Anton Gilgur Co-authored-by: Marco Kilchhofer Signed-off-by: Tal Yitzhak * Added missing permissions for argo rollouts dashboard cluster role - for config map, should be able to get Signed-off-by: Tal Yitzhak * Added missing permissions for argo rollouts dashboard cluster role - for config map, should be able to get Signed-off-by: Tal Yitzhak --------- Signed-off-by: Anton Gilgur Signed-off-by: Tal Yitzhak Signed-off-by: Tal Yitzhak Co-authored-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Tal Yitzhak --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8d87d142b..0acb2c64e 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.30.0 +version: 2.30.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: ability to annotate controller Deployment + description: Missing get access for configmaps in argo rollouts dashboard service account role diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 0d69d67e4..cb3e457a5 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -71,6 +71,12 @@ rules: verbs: - list - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get - apiGroups: - coordination.k8s.io resources: From ec14ee0e7a9ea108b7b0e8830afc497b3025f7b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 21:42:42 +0200 Subject: [PATCH 170/373] chore(deps): bump github/codeql-action from 2.3.3 to 2.3.5 (#2084) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.3 to 2.3.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/29b1f65c5e92e24fe6b6647da1eaabe529cec70f...0225834cc549ee0ca93cb085b92954821a145866) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7f5cbfa57..02aea3a69 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3 + uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5 with: sarif_file: results.sarif From 32b86a7c31d989851b384afe9f76187ea480ea10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 14:58:10 -0500 Subject: [PATCH 171/373] chore(deps): bump actions/labeler from 4.0.3 to 4.0.4 (#2082) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index f75d7f82b..1078a9bb0 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3 + - uses: actions/labeler@0776a679364a9a16110aac8d0f40f5e11009e327 # v4.0.4 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From fb4a8949ec6222f0033562382b413a8b4fc65e73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 22:32:07 +0200 Subject: [PATCH 172/373] chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#2083) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.0 to 4.6.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/57ded4d7d5e986d7296eab16560982c6dd7c923b...bd6b4b6205c4dbad673328db7b31b7fab9e241c0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index e7e35f8a9..b750cc2cf 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 + uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 with: python-version: 3.9 From 438f7a26b7518ec1fc4133f12f58cb0b8d1a2765 Mon Sep 17 00:00:00 2001 From: Milos Hauser <16776599+hau21um@users.noreply.github.com> Date: Mon, 29 May 2023 06:29:30 +0200 Subject: [PATCH 173/373] feat(argo-cd): Adding "appProtocol: HTTPS" to HTTPS service port of argocd-server. (#1955) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 423dbb441..0f570ca38 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.5 +version: 5.34.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.3 + - kind: added + description: Option to set appProtocol for Argocd server https service port diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 5a31f0b87..b9881f882 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -31,6 +31,9 @@ spec: {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttps }} {{- end }} + {{- with .Values.server.service.servicePortHttpsAppProtocol }} + appProtocol: {{ . }} + {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} {{- if eq .Values.server.service.type "LoadBalancer" }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2906eb82b..cbe46d2e2 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1768,6 +1768,8 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https + # -- Server service https port appProtocol. (should be upper case - i.e. HTTPS) + # servicePortHttpsAppProtocol: HTTPS # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from From 2f410bb794101e2afdb714c6540c8ef09d73d5e1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 09:09:01 -0500 Subject: [PATCH 174/373] chore(deps): bump pascalgn/size-label-action from 0.4.3 to 0.5.0 (#2092) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 1078a9bb0..1b6d3699d 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3 + - uses: pascalgn/size-label-action@37a5ad4ae20ea8032abf169d953bcd661fd82cd3 # v0.5.0 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 17d1d046a8f855bb67e0903f7a0c280ea3150d9b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 09:10:22 -0500 Subject: [PATCH 175/373] chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#2091) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 02aea3a69..4a2072698 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5 + uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6 with: sarif_file: results.sarif From 5fb6688bcbeef2b7b1e1ed8a96d4eb7d172e5c1d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 3 Jun 2023 23:40:50 +0900 Subject: [PATCH 176/373] chore(argo-workflows): Declare SSO configuration explicitly on values.yaml (#2089) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 16 ++++- .../workflow-controller-config-map.yaml | 44 ++++++------- .../server/server-cluster-roles.yaml | 10 ++- charts/argo-workflows/values.yaml | 65 ++++++++++++------- 5 files changed, 82 insertions(+), 57 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6ac0cf5c5..8f899e6ca 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.2 +version: 0.29.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade to Argo Workflows v3.4.8 + description: Declare SSO configuration explicitly on values.yaml diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b5612a169..f46d10e08 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -302,7 +302,21 @@ Fields to note: | server.servicePort | int | `2746` | Service port for server | | server.servicePortName | string | `""` | Service port name | | server.serviceType | string | `"ClusterIP"` | Service type for server pods | -| server.sso | object | `{}` | SSO configuration when SSO is specified as a server auth mode. | +| server.sso.clientId.key | string | `"client-id"` | Key of secret to retrieve the app OIDC client ID | +| server.sso.clientId.name | string | `"argo-server-sso"` | Name of secret to retrieve the app OIDC client ID | +| server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | +| server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | +| server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | +| server.sso.enabled | bool | `false` | Create SSO configuration | +| server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | +| server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | +| server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | +| server.sso.rbac.enabled | bool | `true` | Adds ServiceAccount Policy to server (Cluster)Role. | +| server.sso.rbac.secretWhitelist | list | `[]` | Whitelist to allow server to fetch Secrets | +| server.sso.redirectUrl | string | `"https://argo/oauth2/callback"` | | +| server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | +| server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | +| server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d30db859c..ef39ddc7d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -126,37 +126,35 @@ data: {{- if .Values.controller.workflowDefaults }} workflowDefaults: {{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} - {{- with .Values.server.sso }} + {{- if .Values.server.sso.enabled }} sso: - issuer: {{ .issuer }} + issuer: {{ .Values.server.sso.issuer }} clientId: - name: {{ .clientId.name }} - key: {{ .clientId.key }} + name: {{ .Values.server.sso.clientId.name }} + key: {{ .Values.server.sso.clientId.key }} clientSecret: - name: {{ .clientSecret.name }} - key: {{ .clientSecret.key }} - redirectUrl: {{ .redirectUrl }} - {{- with .rbac }} + name: {{ .Values.server.sso.clientSecret.name }} + key: {{ .Values.server.sso.clientSecret.key }} + redirectUrl: {{ .Values.server.sso.redirectUrl }} rbac: - enabled: {{ .enabled }} + enabled: {{ .Values.server.sso.rbac.enabled }} + {{- with .Values.server.sso.scopes }} + scopes: {{ toYaml . | nindent 8 }} {{- end }} - {{- if .scopes }} - scopes: {{ toYaml .scopes | nindent 8 }} + {{- with .Values.server.sso.issuerAlias }} + issuerAlias: {{ toYaml . }} {{- end }} - {{- if .issuerAlias }} - issuerAlias: {{ .issuerAlias }} + {{- with .Values.server.sso.sessionExpiry }} + sessionExpiry: {{ toYaml . }} {{- end }} - {{- if .sessionExpiry }} - sessionExpiry: {{ .sessionExpiry }} + {{- with .Values.server.sso.customGroupClaimName }} + customGroupClaimName: {{ toYaml . }} {{- end }} - {{- if .customGroupClaimName }} - customGroupClaimName: {{ .customGroupClaimName }} + {{- with .Values.server.sso.userInfoPath }} + userInfoPath: {{ toYaml . }} {{- end }} - {{- if .userInfoPath }} - userInfoPath: {{ .userInfoPath }} - {{- end }} - {{- if .insecureSkipVerify }} - insecureSkipVerify: {{ .insecureSkipVerify }} + {{- with .Values.server.sso.insecureSkipVerify }} + insecureSkipVerify: {{ toYaml . }} {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} @@ -184,4 +182,4 @@ data: {{- end }} {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 96f12bfa0..2a52d9567 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -38,7 +38,7 @@ rules: verbs: - get - list -{{- if .Values.server.sso }} +{{- if .Values.server.sso.enabled }} - apiGroups: - "" resources: @@ -54,7 +54,7 @@ rules: - secrets verbs: - create - {{- if .Values.server.sso.rbac }} + {{- if .Values.server.sso.rbac.enabled }} - apiGroups: - "" resources: @@ -73,11 +73,9 @@ rules: - get - list - watch -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} - {{- with .Values.server.sso.rbac.secretWhitelist }} +{{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} + {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} - {{- end }} {{- end }} {{- end }} - apiGroups: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index b65fd4f87..64a81d927 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -618,35 +618,50 @@ server: # -- Give the server permissions to edit ClusterWorkflowTemplates. enableEditing: true - # -- SSO configuration when SSO is specified as a server auth mode. - sso: {} - ## All the values are required. SSO is activated by adding --auth-mode=sso - ## to the server command line. - # - ## The root URL of the OIDC identity provider. - # issuer: https://accounts.google.com - ## Name of a secret and a key in it to retrieve the app OIDC client ID from. - # clientId: - # name: argo-server-sso - # key: client-id - ## Name of a secret and a key in it to retrieve the app OIDC client secret from. - # clientSecret: - # name: argo-server-sso - # key: client-secret - ## The OIDC redirect URL. Should be in the form /oauth2/callback. - # redirectUrl: https://argo/oauth2/callback - # rbac: - # enabled: true + # SSO configuration when SSO is specified as a server auth mode. + sso: + # -- Create SSO configuration + ## SSO is activated by adding --auth-mode=sso to the server command line. + enabled: false + # -- The root URL of the OIDC identity provider + issuer: https://accounts.google.com + clientId: + # -- Name of secret to retrieve the app OIDC client ID + name: argo-server-sso + # -- Key of secret to retrieve the app OIDC client ID + key: client-id + clientSecret: + # -- Name of a secret to retrieve the app OIDC client secret + name: argo-server-sso + # -- Key of a secret to retrieve the app OIDC client secret + key: client-secret + # - The OIDC redirect URL. Should be in the form /oauth2/callback. + redirectUrl: https://argo/oauth2/callback + rbac: + # -- Adds ServiceAccount Policy to server (Cluster)Role. + enabled: true + # -- Whitelist to allow server to fetch Secrets ## When present, restricts secrets the server can read to a given list. ## You can use it to restrict the server to only be able to access the ## service account token secrets that are associated with service accounts ## used for authorization. - # secretWhitelist: [] - ## Scopes requested from the SSO ID provider. The 'groups' scope requests - ## group membership information, which is usually used for authorization - ## decisions. - # scopes: - # - groups + secretWhitelist: [] + # -- Scopes requested from the SSO ID provider + ## The 'groups' scope requests group membership information, which is usually used for authorization decisions. + scopes: [] + # - groups + # -- Define how long your login is valid for (in hours) + ## If omitted, defaults to 10h. + sessionExpiry: "" + # -- Alternate root URLs that can be included for some OIDC providers + issuerAlias: "" + # -- Override claim name for OIDC groups + customGroupClaimName: "" + # -- Specify the user info endpoint that contains the groups claim + ## Configure this if your OIDC provider provides groups information only using the user-info endpoint (e.g. Okta) + userInfoPath: "" + # -- Skip TLS verification for the HTTP client + insecureSkipVerify: false # -- Extra containers to be added to the server deployment extraContainers: [] From 3a7e4b1de7908a39cb979358d1562daa582cde2c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 4 Jun 2023 20:07:40 +0900 Subject: [PATCH 177/373] feat(argo-rollouts): Support Traffic Router Plugins (#2090) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/configmap.yaml | 3 +++ charts/argo-rollouts/values.yaml | 7 +++++++ 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0acb2c64e..671754697 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.30.1 +version: 2.31.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Missing get access for configmaps in argo rollouts dashboard service account role + description: Support Traffic Router Plugins diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index a7f8a0607..5add40c3e 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -111,6 +111,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | +| controller.trafficRouterPlugins | object | `{}` | Configures 3rd party traffic router plugins for controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | | controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml index 8eb2bbe2a..1978b2b62 100644 --- a/charts/argo-rollouts/templates/controller/configmap.yaml +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -10,3 +10,6 @@ data: {{- with .Values.controller.metricProviderPlugins }} {{- toYaml . | nindent 2 }} {{- end }} + {{- with .Values.controller.trafficRouterPlugins }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 6a533eaf8..b81ee53a9 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -194,6 +194,13 @@ controller: # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + # -- Configures 3rd party traffic router plugins for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/ + trafficRouterPlugins: {} + # trafficRouterPlugins: |- + # - name: "argoproj-labs/sample-nginx" # name of the plugin, it must match the name required by the plugin so it can find it's configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + serviceAccount: # -- Specifies whether a service account should be created create: true From 5771a0697794f592a10eae3215981205a3077e98 Mon Sep 17 00:00:00 2001 From: Alexandre Joris Date: Mon, 5 Jun 2023 16:15:07 +0200 Subject: [PATCH 178/373] fix(argo-workflows): Fixed gcs keyFormat template example in values.yaml (#2085) * fix(argo-workflows): #2073: Fixed gcs keyFormat template example in values.yaml Signed-off-by: Alexandre Joris * bumped chart version to v0.28.3 ; added artifacthub.io/changes changelog Signed-off-by: Alexandre Joris * fixed Chart.yaml trailing spaces Signed-off-by: Alexandre Joris * chore(deps): bump pascalgn/size-label-action from 0.4.3 to 0.5.0 (#2092) Signed-off-by: Alexandre Joris * chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#2091) Signed-off-by: Alexandre Joris * chore(argo-workflows): Declare SSO configuration explicitly on values.yaml (#2089) Signed-off-by: yu-croco Co-authored-by: Jason Meridth Signed-off-by: Alexandre Joris * feat(argo-rollouts): Support Traffic Router Plugins (#2090) Signed-off-by: yu-croco Co-authored-by: Jason Meridth Signed-off-by: Alexandre Joris --------- Signed-off-by: Alexandre Joris Signed-off-by: yu-croco Signed-off-by: Alexandre Joris Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8f899e6ca..44ba18996 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.0 +version: 0.29.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Declare SSO configuration explicitly on values.yaml + - kind: fixed + description: Fixed GCS keyFormat template example in values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 64a81d927..8c442d97f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -724,7 +724,7 @@ artifactRepository: # @default -- `{}` (See [values.yaml]) gcs: {} # bucket: -argo - # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}" + # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" # serviceAccountKeySecret is a secret selector. # It references the k8s secret named 'my-gcs-credentials'. # This secret is expected to have have the key 'serviceAccountKey', From a6a7468973946d00533ecbb07db7e475382333e3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 5 Jun 2023 23:28:10 +0900 Subject: [PATCH 179/373] chore(argo-cd): Upgrade supported Kubernetes version to v1.23.0 (#2087) * chore(argo-cd): Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL Signed-off-by: yu-croco * chore(argo-cd): modify changelog Signed-off-by: yu-croco * fix(argo-cd): simpler description Signed-off-by: yu-croco * fix(argo-cd): reflect review point Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 8 +++++++- charts/argo-cd/README.md.gotmpl | 7 +++++++ 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f570ca38..5be3308fa 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 appVersion: v2.7.3 -kubeVersion: ">=1.22.0-0" +kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.6 +version: 5.35.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Option to set appProtocol for Argocd server https service port + - kind: changed + description: Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1fa388ed5..bd3796fc4 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.35.0 +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. + +Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. + ### 5.31.0 The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. @@ -356,7 +361,7 @@ server: ## Prerequisites -- Kubernetes: `>=1.22.0-0` +- Kubernetes: `>=1.23.0-0` - Helm v3.0.0+ ## Installing the Chart @@ -1215,3 +1220,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 +[EKS EoL]: https://endoflife.date/amazon-eks diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 92d7f354a..6b5efffce 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.35.0 +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. + +Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. + + ### 5.31.0 The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. @@ -552,3 +558,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 +[EKS EoL]: https://endoflife.date/amazon-eks From 2538371fecba8e3bc7a161f6484e3d752f71d1e1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 6 Jun 2023 13:34:59 +0900 Subject: [PATCH 180/373] chore(argo-cd): Upgrade Argo CD to v2.7.4 (#2095) --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/values.yaml | 5 ++++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5be3308fa..b6dfe773a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.3 +appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.35.0 +version: 5.35.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL + description: Upgrade Argo CD to v2.7.4 + - kind: added + description: Update knownHosts diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cbe46d2e2..531b2360c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -315,8 +315,11 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | - bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl From 49c2ca254826742217167ba2d0147a6eea562144 Mon Sep 17 00:00:00 2001 From: Joe Lee Date: Wed, 7 Jun 2023 16:52:02 +0800 Subject: [PATCH 181/373] feat(argo-cd): Add "global.env" for all deployed containers (#2096) * add global env for argo-cd Signed-off-by: Joe Lee * update readme Signed-off-by: Joe Lee * fix typo Signed-off-by: Joe Lee * feat(argo-cd): Add "global.env" for all deployed containers Signed-off-by: Joe Lee * update doc Signed-off-by: Joe Lee * remove note Signed-off-by: Joe Lee * update changes Signed-off-by: Joe Lee --------- Signed-off-by: Joe Lee --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + .../argocd-application-controller/statefulset.yaml | 2 +- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- .../argo-cd/templates/argocd-notifications/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 3 +++ 10 files changed, 14 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b6dfe773a..1c26de8d9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.35.1 +version: 5.36.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.4 - kind: added - description: Update knownHosts + description: Add .Values.global.env for all deployed containers diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bd3796fc4..f5a6a8865 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -407,6 +407,7 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | +| global.env | list | `[]` | Environment variables to pass to all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 26b9d2f59..b671e245a 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -99,7 +99,7 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} env: - {{- with .Values.controller.env }} + {{- with (concat .Values.global.env .Values.controller.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_CONTROLLER_REPLICAS diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index f3ce127a2..3ae8410c9 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -79,7 +79,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} env: - {{- with .Values.applicationSet.extraEnv }} + {{- with (concat .Values.global.env .Values.applicationSet.extraEnv) }} {{- toYaml . | nindent 12 }} {{- end }} - name: NAMESPACE diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d3f21b02a..8df6c8bb1 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,7 +66,7 @@ spec: {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - {{- with .Values.notifications.extraEnv }} + {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} env: {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 759dc587b..f438c8b57 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -77,7 +77,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.repoServer.env }} + {{- with (concat .Values.global.env .Values.repoServer.env) }} {{- toYaml . | nindent 10 }} {{- end }} {{- if .Values.openshift.enabled }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 62436af7f..cc9289812 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -74,7 +74,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.server.env }} + {{- with (concat .Values.global.env .Values.server.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_SERVER_INSECURE diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index c623315f7..ce9741d2b 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -70,7 +70,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.dex.env }} + {{- with (concat .Values.global.env .Values.dex.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_DEX_SERVER_DISABLE_TLS diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index bfe7c4807..ffdaed888 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -61,7 +61,7 @@ spec: {{- with .Values.redis.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.env }} + {{- with (concat .Values.global.env .Values.redis.env) }} env: {{- toYaml . | nindent 8 }} {{- end }} @@ -92,7 +92,7 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} - {{- with .Values.redis.exporter.env }} + {{- with (concat .Values.global.env .Values.redis.exporter.env) }} {{- toYaml . | nindent 8 }} {{- end }} ports: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 531b2360c..c2dd9b525 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -144,6 +144,9 @@ global: # maxSurge: 25% # maxUnavailable: 25% + # -- Environment variables to pass to all deployed Deployments + env: [] + ## Argo Configs configs: # General Argo CD configuration From e7c3090cbfee94128f42568b749a36a38296a6ab Mon Sep 17 00:00:00 2001 From: Simon Hewitt Date: Wed, 7 Jun 2023 20:48:05 -0700 Subject: [PATCH 182/373] feat(argo-workflows): Add support for UI columns configuration (#2098) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ charts/argo-workflows/README.md.gotmpl | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 3 +++ 5 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 44ba18996..5cfc70f72 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.1 +version: 0.29.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed GCS keyFormat template example in values.yaml + - kind: added + description: Add support for UI columns configuration diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index f46d10e08..6a19bba09 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -134,6 +134,7 @@ Fields to note: |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | +| controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -357,6 +358,7 @@ Fields to note: [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ +[columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index ab8554f51..8316e9a0a 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -191,6 +191,7 @@ Fields to note: [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ +[columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ef39ddc7d..22033e4cd 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -163,6 +163,9 @@ data: {{- with .Values.controller.links }} links: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.columns }} + columns: {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.controller.navColor }} navColor: {{ . }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8c442d97f..410ce958d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -305,6 +305,9 @@ controller: # -- Configure Argo Server to show custom [links] ## Ref: https://argoproj.github.io/argo-workflows/links/ links: [] + # -- Configure Argo Server to show custom [columns] + ## Ref: https://github.com/argoproj/argo-workflows/pull/10693 + columns: [] # -- Set ui navigation bar background color navColor: "" clusterWorkflowTemplates: From 9a79f32cd488a97ee0f95d55da05eba397d4a2ad Mon Sep 17 00:00:00 2001 From: ausias-armesto Date: Fri, 9 Jun 2023 00:52:13 +0200 Subject: [PATCH 183/373] fix(argo-cd): Allow specify redis config file (#2100) * fix(argo-cd): Allow specify redis config file Signed-off-by: ausias-armesto * fix(argo-cd): Bump version Signed-off-by: ausias-armesto --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis/deployment.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1c26de8d9..aaf5fab26 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.0 +version: 5.36.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add .Values.global.env for all deployed containers + - kind: fixed + description: Allow to specify redis.conf file diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ffdaed888..419e5f316 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -54,13 +54,13 @@ spec: image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.image.imagePullPolicy }} args: + {{- with .Values.redis.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} - --save - "" - --appendonly - "no" - {{- with .Values.redis.extraArgs }} - {{- toYaml . | nindent 8 }} - {{- end }} {{- with (concat .Values.global.env .Values.redis.env) }} env: {{- toYaml . | nindent 8 }} From f8f282266cf91b6e38c8ad42b837925234ff41cb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 22:41:04 +0900 Subject: [PATCH 184/373] chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 (#2104) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e5e7e5ab8b370d6c329ec480221332ada57f0ab...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index b750cc2cf..c96b4b85f 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 58d7d22d5..c1d940259 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 4a2072698..f78b94664 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false From 04d88b65b633724646303b5a3562b74e85700c9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 23:24:11 +0900 Subject: [PATCH 185/373] chore(deps): bump actions/labeler from 4.0.4 to 4.1.0 (#2103) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.0.4 to 4.1.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0776a679364a9a16110aac8d0f40f5e11009e327...9fcb2c2f5584144ca754f8bfe8c6f81e77753375) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 1b6d3699d..93cc6b018 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0776a679364a9a16110aac8d0f40f5e11009e327 # v4.0.4 + - uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 783439b71482bdf68ecefa92a349f337e6f2491f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 23:27:52 +0900 Subject: [PATCH 186/373] chore(deps): bump github/codeql-action from 2.3.6 to 2.13.4 (#2102) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.6 to 2.13.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/83f0fe6c4988d98a455712a27f0255212bba9bd4...cdcdbb579706841c47f7063dda365e292e5cad7a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f78b94664..6cdcfd552 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6 + uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4 with: sarif_file: results.sarif From aec5d9d7230a53d1b1cb7651dfe6ff13feb2e2ee Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 16 Jun 2023 23:55:17 -0500 Subject: [PATCH 187/373] chore(argo-cd): upgrade argo-cd to v2.7.5 (#2108) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index aaf5fab26..4746db47b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.4 +appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.1 +version: 5.36.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Allow to specify redis.conf file + - kind: changed + description: Upgrade Argo CD to v2.7.5 From 68f24d146c3c08e64117d98e3d58a6f073ec27a5 Mon Sep 17 00:00:00 2001 From: Lukas Jost Date: Mon, 19 Jun 2023 05:31:38 +0200 Subject: [PATCH 188/373] chore(github): Generate release notes (#2115) chore: Generate release notes Signed-off-by: Lukas Jost --- .github/configs/cr.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml index a0d425dca..154dbfbfb 100644 --- a/.github/configs/cr.yaml +++ b/.github/configs/cr.yaml @@ -6,3 +6,7 @@ sign: true key: Argo Helm maintainers # keyring: # Set via env variable CR_KEYRING # passphrase-file: # Set via env variable CR_PASSPHRASE_FILE + +# Enable automatic generation of release notes using GitHubs release notes generator. +# see: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes +generate-release-notes: true From eb968668f84c7fbffeeaf67e84f59e283338b0d8 Mon Sep 17 00:00:00 2001 From: patrickli-foxtel <123523506+patrickli-foxtel@users.noreply.github.com> Date: Tue, 20 Jun 2023 10:05:25 +1000 Subject: [PATCH 189/373] fix(argo-cd): helm lint error when `extraObjects` is defined (#2116) Fix helm lint error when `extraObjects` is defined Signed-off-by: Patrick Li --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/extra-manifests.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4746db47b..36e500d4b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.2 +version: 5.36.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.5 + - kind: fixed + description: Fix helm lint error when `extraObjects` is defined diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml index f17b1a93b..fc9a76b88 100644 --- a/charts/argo-cd/templates/extra-manifests.yaml +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From 7959fee689ec3a72df5c1d966044c3d93e8f414a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 20 Jun 2023 22:07:27 +0900 Subject: [PATCH 190/373] chore(argo-cd): Add `app.kubernetes.io/version` label (#2122) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 36e500d4b..3afd19488 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.3 +version: 5.36.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix helm lint error when `extraObjects` is defined + - kind: added + description: Add `app.kubernetes.io/version` label diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index bf0c1e842..54423f999 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -46,6 +46,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd +app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} @@ -123,7 +124,7 @@ nodeAffinity: {{/* Common deployment strategy definition -- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite +- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite */}} {{- define "argo-cd.strategy" -}} {{- $preset := . -}} From db0484fe5182d81a91624eb5d3306d137f93433b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 21 Jun 2023 13:27:33 +0900 Subject: [PATCH 191/373] chore(argo-cd): Upgrade Argo CD to v2.7.6 (#2123) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3afd19488..35494d4dd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.5 +appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.4 +version: 5.36.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add `app.kubernetes.io/version` label + - kind: changed + description: Upgrade Argo CD to v2.7.6 From c44f10eb379a620dcbdec8bf62d88bb1d62e4919 Mon Sep 17 00:00:00 2001 From: ceguimaraes <36728438+ceguimaraes@users.noreply.github.com> Date: Wed, 21 Jun 2023 22:41:34 +1000 Subject: [PATCH 192/373] fix(argo-events): add managed namespace configuration (#2121) --- charts/argo-events/Chart.yaml | 8 +++++--- charts/argo-events/README.md | 1 + .../templates/argo-events-controller/deployment.yaml | 4 ++++ charts/argo-events/values.yaml | 2 ++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c35d0f960..bfb82ea11 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.6 +appVersion: v1.8.0 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.3 +version: 2.4.0 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Upgrade Argo Events to v1.8.0 - kind: added - description: Introduce chart signing + description: Add managed namespace configuration diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index f06f9d3ac..0abf2c31c 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -127,6 +127,7 @@ done | controller.podLabels | object | `{}` | Labels to be added to events controller pods | | controller.priorityClassName | string | `""` | Priority class for the events controller pods | | controller.rbac.enabled | bool | `true` | Create events controller RBAC | +| controller.rbac.managedNamespace | string | `""` | Additional namespace to be monitored by the controller | | controller.rbac.namespaced | bool | `false` | Restrict events controller to operate only in a single namespace instead of cluster-wide scope. | | controller.rbac.rules | list | `[]` | Additional user rules for event controller's rbac | | controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 9b7ace1b9..a3614c732 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -48,6 +48,10 @@ spec: {{- if .Values.controller.rbac.namespaced }} - --namespaced {{- end }} + {{- if .Values.controller.rbac.managedNamespace }} + - --managed-namespace + - {{ .Values.controller.rbac.managedNamespace }} + {{- end }} {{- with .Values.controller.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 89a7323d7..faba6939b 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -138,6 +138,8 @@ controller: enabled: true # -- Restrict events controller to operate only in a single namespace instead of cluster-wide scope. namespaced: false + # -- Additional namespace to be monitored by the controller + managedNamespace: "" # -- Additional user rules for event controller's rbac rules: [] From b8c29f7db6ba38126551c1789a78763e702cde62 Mon Sep 17 00:00:00 2001 From: Tero Ahonen <85343093+teroahonen-vungle@users.noreply.github.com> Date: Wed, 21 Jun 2023 17:54:04 +0300 Subject: [PATCH 193/373] fix(argo-cd): Default applicationSet metrics port to 8085 (#2125) Change applicationSet controller metrics port to 8085 Signed-off-by: Tero Ahonen Co-authored-by: Tero Ahonen --- charts/argo-cd/Chart.yaml | 4 +++- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 35494d4dd..7c5c20e77 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.5 +version: 5.36.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -28,3 +28,5 @@ annotations: artifacthub.io/changes: | - kind: changed description: Upgrade Argo CD to v2.7.6 + - kind: changed + description: applicationSet.containerPorts.metrics to 8085 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f5a6a8865..6d2e0b89d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | -| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.metrics | int | `8085` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c2dd9b525..2c3fe694e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2506,7 +2506,7 @@ applicationSet: # ApplicationSet controller container ports containerPorts: # -- Metrics container port - metrics: 8080 + metrics: 8085 # -- Probe container port probe: 8081 # -- Webhook container port From 172ce600a1d686d3de1ba4967a07a8bbe7c121f1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 23 Jun 2023 15:59:14 +0200 Subject: [PATCH 194/373] fix(argo-cd): Revert "Default applicationSet metrics port to 8085" (#2130) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7c5c20e77..edb176c78 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.6 +version: 5.36.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.6 + description: Adapt `applicationSet.containerPorts.metrics` to 8080 (revert previous release) - kind: changed - description: applicationSet.containerPorts.metrics to 8085 + description: Adapt `applicationSet.metrics.service.servicePort` to 8080 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6d2e0b89d..cde67925b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | -| applicationSet.containerPorts.metrics | int | `8085` | Metrics container port | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | @@ -1075,7 +1075,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | -| applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.service.servicePort | int | `8080` | Metrics service port | | applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2c3fe694e..d1687b539 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2433,7 +2433,7 @@ applicationSet: # -- Metrics service labels labels: {} # -- Metrics service port - servicePort: 8085 + servicePort: 8080 # -- Metrics service port name portName: http-metrics serviceMonitor: @@ -2506,7 +2506,7 @@ applicationSet: # ApplicationSet controller container ports containerPorts: # -- Metrics container port - metrics: 8085 + metrics: 8080 # -- Probe container port probe: 8081 # -- Webhook container port From 490ffa574c0917def580efafa94e810e28ce02cb Mon Sep 17 00:00:00 2001 From: frauniki Date: Sat, 24 Jun 2023 01:35:01 +0900 Subject: [PATCH 195/373] fix(argo-workflows): Change argo-workflows-server crb creation conditions (#2124) Change server's crb creation conditions Signed-off-by: frauniki Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/server/server-crb.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 5cfc70f72..331998be1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.2 +version: 0.29.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for UI columns configuration + - kind: fixed + description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index ec4f6435a..e8d6511de 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.enabled .Values.server.serviceAccount.create .Values.server.rbac.create -}} +{{- if and .Values.server.enabled .Values.server.rbac.create -}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding From 4ff88759c9acc9b0b77ffae239c9b6c88a552432 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 24 Jun 2023 08:18:56 -0500 Subject: [PATCH 196/373] chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#2131) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6cdcfd552..066d3c57e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 + uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 with: results_file: results.sarif results_format: sarif From f1526ec558709387080e5967d1475f8e7d64eef7 Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Sun, 25 Jun 2023 07:28:46 +0900 Subject: [PATCH 197/373] fix(argo-workflows): artifactRepository will not be configured by default (#2132) (#2134) --- charts/argo-workflows/Chart.yaml | 4 +- .../ci/enable-artifact-repo-values.yaml | 46 +++++++++++++++++++ .../workflow-controller-config-map.yaml | 8 ++-- charts/argo-workflows/values.yaml | 22 ++++----- 4 files changed, 64 insertions(+), 16 deletions(-) create mode 100644 charts/argo-workflows/ci/enable-artifact-repo-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 331998be1..b12335a50 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.3 +version: 0.30.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created + description: artifactRepository will not be configured by default diff --git a/charts/argo-workflows/ci/enable-artifact-repo-values.yaml b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml new file mode 100644 index 000000000..c20a57751 --- /dev/null +++ b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml @@ -0,0 +1,46 @@ +# Test with artifact repository +crds: + keep: false + +useStaticCredentials: true +artifactRepository: + archiveLogs: false + s3: + accessKeySecret: + name: "{{ .Release.Name }}-minio" + key: accesskey + secretKeySecret: + name: "{{ .Release.Name }}-minio" + key: secretkey + insecure: false + bucket: + endpoint: + region: + roleARN: + useSDKCreds: true + encryptionOptions: + enableEncryption: true + gcs: + bucket: project-argo + keyFormat: "{{ `{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}` }}" + serviceAccountKeySecret: + name: my-gcs-credentials + key: serviceAccountKey + azure: + endpoint: https://mystorageaccountname.blob.core.windows.net + container: my-container-name + blobNameFormat: path/in/container + useSDKCreds: true + accountKeySecret: + name: my-azure-storage-credentials + key: account-access-key + +customArtifactRepository: + artifactory: + repoUrl: https://artifactory.example.com/raw + usernameSecret: + name: artifactory-creds + key: username + passwordSecret: + name: artifactory-creds + key: password diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 22033e4cd..680b436fc 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -55,6 +55,7 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} + {{- if or .Values.artifactRepository.s3 .Values.artifactRepository.gcs .Values.artifactRepository.azure .Values.customArtifactRepository }} artifactRepository: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} @@ -65,7 +66,7 @@ data: {{- with .Values.artifactRepository.azure }} azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} - {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} + {{- if .Values.artifactRepository.s3 }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: @@ -95,8 +96,9 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- if .Values.customArtifactRepository }} - {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- if .Values.customArtifactRepository }} + {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- end }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 410ce958d..21970f438 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -705,17 +705,17 @@ artifactRepository: archiveLogs: false # -- Store artifact in a S3-compliant object store # @default -- See [values.yaml] - s3: - # Note the `key` attribute is not the actual secret, it's the PATH to - # the contents in the associated secret, as defined by the `name` attribute. - accessKeySecret: - name: "{{ .Release.Name }}-minio" - key: accesskey - secretKeySecret: - name: "{{ .Release.Name }}-minio" - key: secretkey - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: false + s3: {} + # # Note the `key` attribute is not the actual secret, it's the PATH to + # # the contents in the associated secret, as defined by the `name` attribute. + # accessKeySecret: + # name: "{{ .Release.Name }}-minio" + # key: accesskey + # secretKeySecret: + # name: "{{ .Release.Name }}-minio" + # key: secretkey + # # insecure will disable TLS. Primarily used for minio installs not configured with TLS + # insecure: false # bucket: # endpoint: # region: From 4d0ae17c2f8e40c60e7775c5d21ddaabdc03380e Mon Sep 17 00:00:00 2001 From: Josh Baird Date: Mon, 26 Jun 2023 10:31:20 -0400 Subject: [PATCH 198/373] feat(argo-cd): Conditionally create the argocd-cmd-params-cm ConfigMap (#2129) * Add conditional for params cm. Signed-off-by: Josh Baird * Add value for create. Signed-off-by: Josh Baird * Update CHANGELOG. Signed-off-by: Josh Baird * Extra space. Signed-off-by: Josh Baird * Update docs. Signed-off-by: Josh Baird * Extra space. Signed-off-by: Josh Baird * Bump to 5.36.9 Signed-off-by: Josh Baird --------- Signed-off-by: Josh Baird --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/README.md | 1 + .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index edb176c78..ee6d023c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.7 +version: 5.36.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Adapt `applicationSet.containerPorts.metrics` to 8080 (revert previous release) - - kind: changed - description: Adapt `applicationSet.metrics.service.servicePort` to 8080 + - kind: added + description: Added `configs.params.create` value to the argo-cd chart diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cde67925b..dbf3f0121 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -464,6 +464,7 @@ NAME: my-release | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | | configs.params.annotations | object | `{}` | Annotations to be added to the argocd-cmd-params-cm ConfigMap | +| configs.params.create | bool | `true` | Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. | | configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. | | configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... | | configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 18fead9bb..9d60d932f 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -1,3 +1,4 @@ +{{- if .Values.configs.params.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -13,3 +14,4 @@ metadata: {{- end }} data: {{- include "argo-cd.config.params" . | trim | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d1687b539..c7129babf 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -217,6 +217,10 @@ configs: # Argo CD configuration parameters ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml params: + # -- Create the argocd-cmd-params-cm configmap + # If false, it is expected the configmap will be created by something else. + create: true + # -- Annotations to be added to the argocd-cmd-params-cm ConfigMap annotations: {} From 78e99e991119b5e982a0de6eea8c3609409033a5 Mon Sep 17 00:00:00 2001 From: Josh Baird Date: Mon, 26 Jun 2023 10:53:40 -0400 Subject: [PATCH 199/373] feat(argo-cd): Add support for configuring argo-notifications log level and format (#2127) * Add env vars for notification logging. Signed-off-by: Josh Baird * Indent. Signed-off-by: Josh Baird * Update CHANGELOG. Signed-off-by: Josh Baird * Bump chart version. Signed-off-by: Josh Baird * Remove extra line. Signed-off-by: Josh Baird * Bump to 5.6.38. Signed-off-by: Josh Baird --------- Signed-off-by: Josh Baird --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-notifications/deployment.yaml | 18 +++++++++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ee6d023c2..484611006 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.9 +version: 5.36.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added `configs.params.create` value to the argo-cd chart + description: Add `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL` and `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT` env vars to argo-notifications Deployment diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 8df6c8bb1..d2eca77f4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,10 +66,22 @@ spec: {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} env: - {{- toYaml . | nindent 12 }} - {{- end }} + {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.format + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} From 675803c02dc5390440b9b13a089b4ad45e7645bb Mon Sep 17 00:00:00 2001 From: dchien234 Date: Fri, 30 Jun 2023 00:02:15 +0800 Subject: [PATCH 200/373] fix(argo-cd): fix gRPC service target port (#2138) * fix(argo-cd): update grpc service to use proper targetPort Signed-off-by: d.chien * fix(argo-cd): update Chart changelog Signed-off-by: d.chien --------- Signed-off-by: d.chien --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/aws/service.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 484611006..d000da107 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.10 +version: 5.36.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL` and `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT` env vars to argo-notifications Deployment + - kind: changed + description: Change `targetPort` to use proper `.Values.server.containerPorts.server` value in argo-cd/argo-server for grpc Service so that AWS ALB will not fail the health check for this extra Service. diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 02c543d52..e9032f92b 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -13,11 +13,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: server + targetPort: {{ .Values.server.containerPorts.server }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: server + targetPort: {{ .Values.server.containerPorts.server }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None From 8213fc37c0a98a0479637d52d9730c4c4a62f7e5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Jul 2023 08:39:17 -0500 Subject: [PATCH 201/373] chore(deps): bump actions/labeler from 4.1.0 to 4.2.0 (#2140) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 93cc6b018..18a87c50e 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0 + - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 7c3553de9d973594369389c5256235af455e79f2 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 2 Jul 2023 12:16:30 +0900 Subject: [PATCH 202/373] chore(argo-cd): Added note about Kubernetes Compatibility Matrix (#2141) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 3 +++ charts/argo-cd/README.md.gotmpl | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d000da107..eacaef396 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.11 +version: 5.36.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Change `targetPort` to use proper `.Values.server.containerPorts.server` value in argo-cd/argo-server for grpc Service so that AWS ALB will not fail the health check for this extra Service. + - kind: added + description: Added note about Kubernetes Compatibility Matrix diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dbf3f0121..9c2d3c4a1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,6 +362,8 @@ server: ## Prerequisites - Kubernetes: `>=1.23.0-0` + - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. + - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ ## Installing the Chart @@ -1223,3 +1225,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks +[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6b5efffce..f1dea7f2d 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -363,6 +363,8 @@ server: ## Prerequisites - {{ template "chart.kubeVersionLine" . }} + - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. + - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ ## Installing the Chart @@ -559,3 +561,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks +[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions From 167c112bcbbebfd4b0c18d38c9bbb063fab7f78b Mon Sep 17 00:00:00 2001 From: Elad Shmitanka Date: Sun, 2 Jul 2023 11:07:17 +0300 Subject: [PATCH 203/373] fix(argo-cd): Add usages to ArgoCD server certificate (#2143) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eacaef396..bec859df0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.12 +version: 5.36.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added note about Kubernetes Compatibility Matrix + description: Support for setting server certificate usages diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9c2d3c4a1..907cd0fe2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -688,6 +688,7 @@ NAME: my-release | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index eec82ae6a..1ec9bb028 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -30,4 +30,8 @@ spec: privateKey: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.certificate.usages }} + usages: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c7129babf..63588ea9b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1743,6 +1743,9 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Usages for the certificate + ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage + usages: [] # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server From b9f610e319ee725ac602303714b774c4cc7c1be8 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 3 Jul 2023 19:55:01 +0200 Subject: [PATCH 204/373] fix(argo-cd): Update `argo-cd.strategy` template (#2144) - Convert `$preset.type` to string to prevent an "incompatible types for comparison" when no strategy are defined Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bec859df0..91e3285e4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.13 +version: 5.36.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support for setting server certificate usages + - kind: fixed + description: Update argo-cd.strategy template diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index 54423f999..f8c84c9c2 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -128,9 +128,9 @@ Common deployment strategy definition */}} {{- define "argo-cd.strategy" -}} {{- $preset := . -}} -{{- if (eq $preset.type "Recreate") }} +{{- if (eq (toString $preset.type) "Recreate") }} type: Recreate -{{- else if (eq $preset.type "RollingUpdate") }} +{{- else if (eq (toString $preset.type) "RollingUpdate") }} type: RollingUpdate {{- with $preset.rollingUpdate }} rollingUpdate: From 5c4506b4810eda6583cd89443903956d9c4df6ab Mon Sep 17 00:00:00 2001 From: Atkins Date: Tue, 4 Jul 2023 17:22:19 +0800 Subject: [PATCH 205/373] feat(argo-cd): remove necessary create entry in `argocd-cmd-params-cm` ConfigMap (#2146) fix(argo-cd): remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap Signed-off-by: Atkins Chang --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 91e3285e4..c84c0f907 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.14 +version: 5.36.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update argo-cd.strategy template + description: Remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2338d1c03..2786d6ede 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -207,7 +207,7 @@ applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.r Merge Argo Params Configuration with Preset Configuration */}} {{- define "argo-cd.config.params" -}} -{{- $config := omit .Values.configs.params "annotations" }} +{{- $config := omit .Values.configs.params "create" "annotations" }} {{- $preset := include "argo-cd.config.params.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} {{ $key }}: {{ toString $value | toYaml }} From 5f55ef2c4cc16d4c91faaf1bdb7e0c1d7385435a Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Tue, 4 Jul 2023 16:07:03 +0200 Subject: [PATCH 206/373] feat(argo-cd): Update appset deployment template (#2145) - add cmd-params checksum annotation to the applicationSet deployment to trigger an automated rollout when changed. Signed-off-by: Laurent Lavaud Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 5 +++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c84c0f907..513438a5c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.15 +version: 5.37.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap + - kind: added + description: add applicationSet deployment cmd-params checksum diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 3ae8410c9..0e00e28d4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -24,12 +24,13 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} template: metadata: - {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} annotations: + checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- end }} + {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} From 5e5bad5262ecad870b70d73df2465182b1e86f3d Mon Sep 17 00:00:00 2001 From: Andre Krueger <32708635+1337andre@users.noreply.github.com> Date: Thu, 6 Jul 2023 10:25:47 +0200 Subject: [PATCH 207/373] chore(argo-cd): Upgrade Argo CD to v2.7.7 (#2147) Signed-off-by: Andre Krueger <32708635+1337andre@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 513438a5c..cbc97da17 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.6 +appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.37.0 +version: 5.37.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add applicationSet deployment cmd-params checksum + - kind: changed + description: Upgrade Argo CD to v2.7.7 From 4f6f25198e9ebb8085c3c2a561d6750205dcb0bd Mon Sep 17 00:00:00 2001 From: Venkata Mutyala Date: Mon, 10 Jul 2023 01:14:16 -0700 Subject: [PATCH 208/373] feat(argo-cd): upgrade dexIDP from 2.36.0 -> 2.37.0 (#2155) feat: upgrade dexIDP from 2.36.0 -> 2.37.0 Signed-off-by: Venkata Mutyala --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cbc97da17..32e6dfa66 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.37.1 +version: 5.38.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.7 + description: Upgrade dexidp from v2.36.0 to v2.37.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 907cd0fe2..51db48705 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -857,7 +857,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.36.0"` | Dex image tag | +| dex.image.tag | string | `"v2.37.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 63588ea9b..08f3404a0 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -928,7 +928,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.36.0 + tag: v2.37.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 5ec59e90fa8f03229b8c49fe6cf50fb79572b1bf Mon Sep 17 00:00:00 2001 From: gussan <83329336+toyamagu-2021@users.noreply.github.com> Date: Tue, 11 Jul 2023 21:07:08 +0900 Subject: [PATCH 209/373] feat(argo-workflows): Add support for artifactRepositoryRef (#2135) Signed-off-by: tomoki-yamaguchi Co-authored-by: Aikawa Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +- charts/argo-workflows/README.md | 1 + .../ci/enable-artifact-repo-ref.yaml | 41 ++++++++++++ .../artifact-repository-ref-cm.yaml | 19 ++++++ charts/argo-workflows/values.yaml | 63 ++++++++++++++++++- 5 files changed, 124 insertions(+), 6 deletions(-) create mode 100644 charts/argo-workflows/ci/enable-artifact-repo-ref.yaml create mode 100644 charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b12335a50..ade0d8b5d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.30.0 +version: 0.31.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: artifactRepository will not be configured by default + - kind: added + description: Add support for artifactRepositoryRef diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 6a19bba09..b445df25a 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -331,6 +331,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | +| artifactRepositoryRef | object | `{}` (See [values.yaml]) | The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). Each map key is the name of configmap | | customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | diff --git a/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml b/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml new file mode 100644 index 000000000..54c6c5236 --- /dev/null +++ b/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml @@ -0,0 +1,41 @@ +artifactRepositoryRef: + # 1st ConfigMap + artifact-repositories: + annotations: + workflows.argoproj.io/default-artifact-repository: default-v1-s3-artifact-repository + # 1st data + default-v1-s3-artifact-repository: + archiveLogs: true + s3: + bucket: my-bucket + endpoint: minio:9000 + insecure: true + accessKeySecret: + name: my-minio-cred + key: accesskey + secretKeySecret: + name: my-minio-cred + key: secretkey + # 2nd data + oss-artifact-repository: + archiveLogs: false + oss: + endpoint: http://oss-cn-zhangjiakou-internal.aliyuncs.com + bucket: $mybucket + accessKeySecret: + name: $mybucket-credentials + key: accessKey + secretKeySecret: + name: $mybucket-credentials + key: secretKey + # 2nd ConfigMap + another-artifact-repositories: + annotations: + workflows.argoproj.io/default-artifact-repository: gcs + gcs: + archiveLogs: false + bucket: my-bucket + keyFormat: prefix/in/bucket/{{workflow.name}}/{{pod.name}} + serviceAccountKeySecret: + name: my-gcs-credentials + key: serviceAccountKey diff --git a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml new file mode 100644 index 000000000..ce7cd55b4 --- /dev/null +++ b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml @@ -0,0 +1,19 @@ +{{- range $cm_name, $cm_val := .Values.artifactRepositoryRef }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $cm_name }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }} + {{- with $cm_val.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +data: + {{- range $data_key, $data_val := (omit $cm_val "annotations") }} + {{- $data_key | nindent 2 }}: | + {{- toYaml $data_val | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 21970f438..cd992c100 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -161,9 +161,13 @@ controller: # Only valid for 2.7+ ## See more: https://argoproj.github.io/argo-workflows/default-workflow-specs/ workflowDefaults: {} - # spec: - # ttlStrategy: - # secondsAfterCompletion: 84600 + # spec: + # ttlStrategy: + # secondsAfterCompletion: 84600 + # # Ref: https://argoproj.github.io/argo-workflows/artifact-repository-ref/ + # artifactRepositoryRef: + # configMap: my-artifact-repository # default is "artifact-repositories" + # key: v2-s3-artifact-repository # default can be set by the `workflows.argoproj.io/default-artifact-repository` annotation in config map. # -- Number of workflow workers workflowWorkers: # 32 @@ -770,6 +774,59 @@ customArtifactRepository: {} # name: artifactory-creds # key: password +# -- The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). +# Each map key is the name of configmap +# @default -- `{}` (See [values.yaml]) +artifactRepositoryRef: {} + # # -- 1st ConfigMap + # # If you want to use this config map by default, name it "artifact-repositories". + # # Otherwise, you can provide a reference to a + # # different config map in `artifactRepositoryRef.configMap`. + # artifact-repositories: + # # -- v3.0 and after - if you want to use a specific key, put that key into this annotation. + # annotations: + # workflows.argoproj.io/default-artifact-repository: default-v1-s3-artifact-repository + # # 1st data of configmap. See above artifactRepository or customArtifactRepository. + # default-v1-s3-artifact-repository: + # archiveLogs: false + # s3: + # bucket: my-bucket + # endpoint: minio:9000 + # insecure: true + # accessKeySecret: + # name: my-minio-cred + # key: accesskey + # secretKeySecret: + # name: my-minio-cred + # key: secretkey + # # 2nd data + # oss-artifact-repository: + # archiveLogs: false + # oss: + # endpoint: http://oss-cn-zhangjiakou-internal.aliyuncs.com + # bucket: $mybucket + # # accessKeySecret and secretKeySecret are secret selectors. + # # It references the k8s secret named 'bucket-workflow-artifect-credentials'. + # # This secret is expected to have have the keys 'accessKey' + # # and 'secretKey', containing the base64 encoded credentials + # # to the bucket. + # accessKeySecret: + # name: $mybucket-credentials + # key: accessKey + # secretKeySecret: + # name: $mybucket-credentials + # key: secretKey + # # 2nd ConfigMap + # another-artifact-repositories: + # annotations: + # workflows.argoproj.io/default-artifact-repository: gcs + # gcs: + # bucket: my-bucket + # keyFormat: prefix/in/bucket/{{workflow.name}}/{{pod.name}} + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey + emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. ## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary From 2fb60497519698eda8f217bf9fd3534b85c1704e Mon Sep 17 00:00:00 2001 From: Amit Ben Ami Date: Tue, 11 Jul 2023 16:01:02 +0300 Subject: [PATCH 210/373] feat(argo-cd): adding annotations option for `Certificate` (#2156) * feat(certificate): adding annotations options for the `Certificate` resources Signed-off-by: Amit Ben Ami * feat: bumping the chart version Signed-off-by: Amit Ben Ami --------- Signed-off-by: Amit Ben Ami Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 3 +++ .../templates/argocd-applicationset/certificate.yaml | 6 ++++++ charts/argo-cd/templates/argocd-server/certificate.yaml | 6 ++++++ charts/argo-cd/values.yaml | 7 +++++++ 5 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32e6dfa66..d0fcc0450 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.0 +version: 5.38.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade dexidp from v2.36.0 to v2.37.0 + - kind: added + description: Adding the option to set `annotations` for `Certificate` resources diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 51db48705..048a62e9d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -407,6 +407,7 @@ NAME: my-release | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | +| global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments | @@ -676,6 +677,7 @@ NAME: my-release | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate | | server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | @@ -1036,6 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index 505a70fc8..f3b7d5d15 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -2,6 +2,12 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 1ec9bb028..716c38ea1 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -2,6 +2,12 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 08f3404a0..b6216977e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -147,6 +147,9 @@ global: # -- Environment variables to pass to all deployed Deployments env: [] + # -- Annotations for the all deployed Certificates + certificateAnnotations: {} + ## Argo Configs configs: # General Argo CD configuration @@ -1743,6 +1746,8 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Annotations to be applied to the Server Certificate + annotations: {} # -- Usages for the certificate ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage usages: [] @@ -2681,6 +2686,8 @@ applicationSet: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Annotations to be applied to the ApplicationSet Certificate + annotations: {} ## Notifications controller notifications: From 047ba6b24df9977ec773ca5cf0f00a70565e5c06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Sell=C3=A9s=20Rosa?= <1088313+Fsero@users.noreply.github.com> Date: Tue, 11 Jul 2023 17:39:35 +0200 Subject: [PATCH 211/373] feat(argocd-apps): add permitOnlyProjectScopedClusters flag (#2149) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabián Sellés Rosa <1088313+Fsero@users.noreply.github.com> --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/projects.yaml | 3 +++ charts/argocd-apps/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index fc733b22f..8eeb0888c 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.2.0 +version: 1.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Rollout strategy for ApplicationSet + description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f747d1b61..f4c273e8a 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -22,6 +22,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- with .permitOnlyProjectScopedClusters }} + permitOnlyProjectScopedClusters: {{ . }} + {{- end }} description: {{ .description }} {{- with .sourceRepos }} sourceRepos: diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 500849df7..0c329dfe3 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -48,6 +48,7 @@ projects: [] # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} +# permitOnlyProjectScopedClusters: false # finalizers: # - resources-finalizer.argocd.argoproj.io # description: Example Project From e15b7b70185f56ae98b372eca367b437d6feb271 Mon Sep 17 00:00:00 2001 From: Angelo Ross Date: Thu, 13 Jul 2023 11:05:13 -0300 Subject: [PATCH 212/373] feat(argo-cd): Allow configuring Dex's init image resources separately (#2161) Allow configuring Dex's init image resources separately Signed-off-by: Angelo Ross --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d0fcc0450..bd9a8de46 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.1 +version: 5.39.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Adding the option to set `annotations` for `Certificate` resources + description: Allow configuring Dex's init image resources separately diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 048a62e9d..deaad2ba2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -864,6 +864,7 @@ server: | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | +| dex.initImage.resources | object | `{}` (defaults to dex.resources) | Argo CD init image resources | | dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | | dex.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Dex >= 2.28.0 | | dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index ce9741d2b..abca6e142 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -149,7 +149,7 @@ spec: - mountPath: /tmp name: dexconfig resources: - {{- toYaml .Values.dex.resources | nindent 10 }} + {{- toYaml (default .Values.dex.resources .Values.dex.initImage.resources) | nindent 10 }} {{- with .Values.dex.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b6216977e..83ecff3eb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -951,6 +951,15 @@ dex: # -- Argo CD init image imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Argo CD init image resources + # @default -- `{}` (defaults to dex.resources) + resources: {} + # requests: + # cpu: 5m + # memory: 96Mi + # limits: + # cpu: 10m + # memory: 144Mi # -- Environment variables to pass to the Dex server env: [] From a7b65a37f999dc4c647611f1311c55eee16318e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:37:43 +0900 Subject: [PATCH 213/373] chore(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (#2163) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/fa81e57adff234b2908110485695db0f181f3c67...dda0770415bac9fc20092cacbc54aa298604d140) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c96b4b85f..c7c22af1a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 + uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 3821d6309fb480143b833f2a68034a51630ead9e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:39:22 +0900 Subject: [PATCH 214/373] chore(deps): bump actions/labeler from 4.2.0 to 4.3.0 (#2164) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0967ca812e7fdc8f5f71402a1b486d5bd061fe20...ac9175f8a1f3625fd0d4fb234536d26811351594) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 18a87c50e..d22ac7503 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 + - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 6dab4fa326a1beb1a468ac5d4eb69aabd0942587 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:53:14 +0900 Subject: [PATCH 215/373] chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#2165) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/bd6b4b6205c4dbad673328db7b31b7fab9e241c0...61a6322f88396a6271a6ee3565807d608ecaddd1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c7c22af1a..bd8d22554 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 + uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: 3.9 From e053486fab0d0363e631d0742779d0af79a97b15 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Mon, 17 Jul 2023 11:56:13 +0200 Subject: [PATCH 216/373] fix(argo-cd): Ensure `app.kubernetes.io/version` label is valid (#2148) Signed-off-by: Mathieu Parent --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 9 ++++++++- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd9a8de46..b87afdd3a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.39.0 +version: 5.39.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Allow configuring Dex's init image resources separately + - kind: fixed + description: Ensure `app.kubernetes.io/version` label is valid diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f8c84c9c2..4173876c6 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -38,6 +38,13 @@ Create Argo CD app version {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} +{{/* +Return valid version label +*/}} +{{- define "argo-cd.versionLabelValue" -}} +{{ regexReplaceAll "[^-A-Za-z0-9_.]" (include "argo-cd.defaultTag" .) "-" | trunc 63 | trimAll "-" | trimAll "_" | trimAll "." | quote }} +{{- end -}} + {{/* Common labels */}} @@ -46,7 +53,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd -app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} +app.kubernetes.io/version: {{ include "argo-cd.versionLabelValue" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} From afccb2e5d469c61b327d6f47001297b5ba079422 Mon Sep 17 00:00:00 2001 From: Zach Swanson <1272954+zswanson@users.noreply.github.com> Date: Mon, 17 Jul 2023 08:20:47 -0400 Subject: [PATCH 217/373] feat(argo-cd): allow configurable hpa metrics (#2166) * allow configurable HPA metrics Signed-off-by: Zach Swanson * update docs Signed-off-by: Zach Swanson * Update chart version and changelog Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson * Fix values/readme reference to repo server Signed-off-by: Zach Swanson --------- Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson <1272954+zswanson@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 4 ++++ charts/argo-cd/templates/argocd-server/hpa.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b87afdd3a..3736bba15 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.39.1 +version: 5.40.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Ensure `app.kubernetes.io/version` label is valid + - kind: changed + description: Allow configurable metrics in server and repoServer HPAs diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index deaad2ba2..863ae8bbe 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -576,6 +576,7 @@ NAME: my-release | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | +| repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | @@ -673,6 +674,7 @@ NAME: my-release | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | +| server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index 2cba83248..ef3d5e80b 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -14,6 +14,9 @@ spec: minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: + {{- if .Values.repoServer.autoscaling.metrics }} + {{- toYaml .Values.repoServer.autoscaling.metrics | nindent 4 }} + {{- else }} {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: @@ -38,6 +41,7 @@ spec: type: Utilization {{- end }} {{- end }} + {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index cbc17c319..c19b89433 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -14,6 +14,9 @@ spec: minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: + {{- if .Values.server.autoscaling.metrics }} + {{ toYaml .Values.server.autoscaling.metrics | nindent 4 }} + {{- else }} {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: @@ -38,6 +41,7 @@ spec: type: Utilization {{- end }} {{- end }} + {{- end}} {{- with .Values.server.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83ecff3eb..38f9b2d7f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1476,6 +1476,9 @@ server: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Argo CD server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -2043,6 +2046,9 @@ repoServer: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD repo server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Repo server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From c2f813ec6241b016a6907238c87eadf8a9feb505 Mon Sep 17 00:00:00 2001 From: Alex Souslik Date: Tue, 18 Jul 2023 09:51:14 +0300 Subject: [PATCH 218/373] feat(argo-cd): make ServiceMonitor deployment conditional on CRD existence (#2154) * made ServiceMonitor deployment conditional on CRD existence Signed-off-by: alex-souslik-hs * remove non ArgoCD changes Signed-off-by: alex-souslik-hs * add newline Signed-off-by: Alex Souslik * Change chage description Signed-off-by: Alex Souslik * Update charts/argo-cd/Chart.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Alex Souslik --------- Signed-off-by: alex-souslik-hs Signed-off-by: Alex Souslik Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/servicemonitor.yaml | 2 +- .../templates/argocd-applicationset/servicemonitor.yaml | 2 +- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/dex/servicemonitor.yaml | 2 +- charts/argo-cd/templates/redis/servicemonitor.yaml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3736bba15..1b8a0ae18 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.40.0 +version: 5.41.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Allow configurable metrics in server and repoServer HPAs + description: Make ServiceMonitor deployment conditional on CRD existence diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 10ba77678..3ce0c10da 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index bb814a254..b3554675a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.enabled }} -{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index de3cc5a35..18849886b 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index aec96461c..c41520b72 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 65d102e3b..f876a1a18 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 21d12be25..00f2a238d 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 46a7e32ca..6f036a804 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- $redisHa := (index .Values "redis-ha") -}} -{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: From 5f46ee820fd19e0b24c50f71aa9169be59192eac Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 19 Jul 2023 18:26:08 -0400 Subject: [PATCH 219/373] feat(argo-cd): Upgrade argocd to v2.7.8 (#2173) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1b8a0ae18..72c178b1b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.7 +appVersion: v2.7.8 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.0 +version: 5.41.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Make ServiceMonitor deployment conditional on CRD existence + description: Update to app version 2.7.8 From 000d8c71285f60c7fccc8e40bfab805da7dddebb Mon Sep 17 00:00:00 2001 From: Takuma Kume Date: Fri, 21 Jul 2023 02:26:23 +0900 Subject: [PATCH 220/373] feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.1 (#2174) --- charts/argo-rollouts/Chart.yaml | 8 ++++---- charts/argo-rollouts/templates/crds/rollout-crd.yaml | 3 --- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 671754697..62ab9f05c 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.0 +appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.0 +version: 2.31.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support Traffic Router Plugins + - kind: changed + description: Update to app version 1.5.1 diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 0fafbab35..45f59ee0c 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3328,7 +3328,6 @@ spec: type: string required: - arn - - fullName - name type: object loadBalancer: @@ -3341,7 +3340,6 @@ spec: type: string required: - arn - - fullName - name type: object stableTargetGroup: @@ -3354,7 +3352,6 @@ spec: type: string required: - arn - - fullName - name type: object type: object From 137bb9e177f85f63a8c1214c17ec82830f069760 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 20 Jul 2023 18:19:59 -0500 Subject: [PATCH 221/373] chore(argo-workflows): Upgrade to 3.4.9 (#2175) chore(argo-workflow): Upgrade to 3.4.9 - [ ] update CRD changes Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ade0d8b5d..96912cf20 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.8 +appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.31.0 +version: 0.32.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for artifactRepositoryRef + - kind: changed + description: Upgrade to Argo Workflows v3.4.9 From 83e5d83492f18c301fe62eebb56e6db98757cabb Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Sat, 22 Jul 2023 15:46:38 +0200 Subject: [PATCH 222/373] feat(argocd-apps): syncOptions for applications (#2176) Signed-off-by: Mathieu Parent Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/applications.yaml | 4 ++++ charts/argocd-apps/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 8eeb0888c..cc690f7f2 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.3.0 +version: 1.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false + description: syncOptions for applications diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index df0ea5eb8..0cf3420bd 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,6 +37,10 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .syncOptions }} + syncOptions: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 0c329dfe3..9311a44c6 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps From 0453552b320712d20be65d9ba3f56644842dd84c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 23 Jul 2023 13:25:51 +0900 Subject: [PATCH 223/373] fix(argocd-apps): fix indent of syncOptions (#2181) --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/ci/applications-values.yaml | 2 ++ charts/argocd-apps/templates/applications.yaml | 4 ---- charts/argocd-apps/values.yaml | 4 ++-- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index cc690f7f2..5494db993 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.4.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added + - kind: fixed description: syncOptions for applications diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 9d8b21bfb..28a627ff0 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,8 @@ applications: automated: prune: false selfHeal: false + syncOptions: + - ApplyOutOfSyncOnly=true revisionHistoryLimit: null ignoreDifferences: - group: apps diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index 0cf3420bd..df0ea5eb8 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,10 +37,6 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .syncOptions }} - syncOptions: - {{- toYaml . | nindent 4 }} - {{- end }} {{- with .revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 9311a44c6..a79963692 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,8 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false -# syncOptions: -# - CreateNamespace=true +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps From f2da20bb753a7d9f28157f0ba39d6db62922431e Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sun, 23 Jul 2023 19:48:47 -0400 Subject: [PATCH 224/373] chore(github): use table for Emeritus (#2182) - to matches how `argoproj` lists Alumni (https://github.com/argoproj/argoproj/blob/6011d3e17300d4b642a1ab5bdb3551c5f6da9021/MAINTAINERS.md?plain=1#L11) - though it has more details including role and affiliation. could do that here too, but I don't know what all those are, so left those columns out - fortunately everyone's name was listed on their profile, so just copy+paste those! - confirmed that all links work Signed-off-by: Anton Gilgur --- EMERITUS.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/EMERITUS.md b/EMERITUS.md index 2c2996902..c0ff96740 100644 --- a/EMERITUS.md +++ b/EMERITUS.md @@ -4,9 +4,11 @@ These are the people who have been approvers in the past, and have since retired We thank them for their service to the project. -* @oliverbaehler -* @stefansedich -* @paguos -* @yann-soubeyrand -* @davidkarlsen -* @jbehling +| Emeritus | GitHub ID | +| -------- | --------- | +| Oliver Bähler | [oliverbaehler](https://github.com/oliverbaehler) | +| Stefan Sedich | [stefansedich](https://github.com/stefansedich) | +| Pablo Osinaga | [paguos](https://github.com/paguos) | +| Yann Soubeyrand | [yann-soubeyrand](https://github.com/yann-soubeyrand) | +| David J. M. Karlsen | [davidkarlsen](https://github.com/davidkarlsen) | +| John Behling | [jbehling](https://github.com/jbehling) | From 5f1d08de0b0f10a650d09609abf17b22816430d5 Mon Sep 17 00:00:00 2001 From: Artur Date: Tue, 25 Jul 2023 03:22:46 +0300 Subject: [PATCH 225/373] fix(argo-rollouts): Use annotation cont metrics (#2184) * fix(argo-rollouts): Use annotation cont metrics Signed-off-by: Artur Mudrykh * fix(argo-rollouts): add changes and bump version Signed-off-by: Artur Mudrykh * fix chart.yaml Signed-off-by: Artur Mudrykh --------- Signed-off-by: Artur Mudrykh Co-authored-by: Artur Mudrykh --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/controller/metrics-service.yaml | 5 ++++- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 62ab9f05c..c073adcb6 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.1 +version: 2.31.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update to app version 1.5.1 + - kind: fixed + description: Fix use prometheus metrics service diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 5add40c3e..4e0287795 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -91,6 +91,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.annotations | object | `{}` | Service annotations | | controller.metrics.service.port | int | `8090` | Metrics service port | | controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index e04d326a8..671a08374 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -7,8 +7,11 @@ metadata: labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} - {{- with .Values.serviceAnnotations }} annotations: + {{- with .Values.serviceAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.metrics.service.annotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b81ee53a9..f9d8e1cfe 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -127,6 +127,8 @@ controller: portName: metrics # -- Metrics service port port: 8090 + # -- Service annotations + annotations: {} serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From 278a32671bebe8ea503b7d73619b3cdf389105a2 Mon Sep 17 00:00:00 2001 From: Venkata Mutyala Date: Mon, 24 Jul 2023 19:09:41 -0700 Subject: [PATCH 226/373] chore(argo-cd): Upgrade Argo CD to v2.7.9 (#2186) feat(argo-cd): Upgrade argocd to v2.7.9 Signed-off-by: Venkata Mutyala --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72c178b1b..79b9fb030 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.8 +appVersion: v2.7.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.1 +version: 5.41.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update to app version 2.7.8 + description: Update to app version v2.7.9 From 98da71eb87def0ea9cb57dfe86e17c6256407cd0 Mon Sep 17 00:00:00 2001 From: Andy Cobaugh Date: Thu, 27 Jul 2023 09:57:46 -0400 Subject: [PATCH 227/373] feat(argo-workflows): allow setting executor args (#2177) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 5 ++++- charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 96912cf20..681b73b9f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.0 +version: 0.32.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.9 + - kind: added + description: Add support for executor args diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b445df25a..eb57fe448 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -230,6 +230,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| executor.args | list | `[]` | Passes arguments to the executor processes | | executor.env | list | `[]` | Adds environment variables for the executor. | | executor.image.pullPolicy | string | `""` | Image PullPolicy to use for the Workflow Executors. Defaults to `.Values.images.pullPolicy`. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 680b436fc..d4728a30f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -42,12 +42,15 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.args .Values.executor.securityContext}} executor: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.executor.image.pullPolicy }} {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.args }} + args: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cd992c100..bfc3ce3f5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -382,6 +382,8 @@ executor: pullPolicy: "" # -- Resource limits and requests for the Workflow Executors resources: {} + # -- Passes arguments to the executor processes + args: [] # -- Adds environment variables for the executor. env: [] # -- sets security context for the executor container From c358b5e71f8a9259d937c9bb1a6a34c9f1f478d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?carlos=20gonz=C3=A1lez?= Date: Thu, 27 Jul 2023 23:44:15 +0200 Subject: [PATCH 228/373] feat(argo-cd): add labels to notifications secret (#2191) (#2192) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: carlos gonzález --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 3 +++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 79b9fb030..bb9181780 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.2 +version: 5.42.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update to app version v2.7.9 + - kind: added + description: Extra secret labels with .Values.notifications.secret.labels diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 863ae8bbe..79d134b66 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1195,6 +1195,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index cde4d555b..75027ed5a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -6,6 +6,9 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.notifications.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 38f9b2d7f..aa0716441 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2795,6 +2795,9 @@ notifications: # -- key:value pairs of annotations to be added to the secret annotations: {} + # -- key:value pairs of labels to be added to the secret + labels: {} + # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ From 4ebeac0d8c89582f81cd9ab2daee1b158ad01cbf Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 1 Aug 2023 14:57:18 +0900 Subject: [PATCH 229/373] chore(argo-cd): Upgrade Argo CD to v2.7.10 (#2197) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bb9181780..a78601a5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.9 +appVersion: v2.7.10 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.0 +version: 5.42.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Extra secret labels with .Values.notifications.secret.labels + - kind: changed + description: Upgrade Argo CD to v2.7.10 From 962342fe2acef6022ac5c1a3eb352b336308b3eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9gory=20SANCHEZ?= Date: Tue, 1 Aug 2023 11:07:17 +0200 Subject: [PATCH 230/373] fix(argo-rollouts): fix helm lint error when extraObjects is defined (#2196) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix(extra-manifests): fix helm lint error when extraObjecrts is defined Signed-off-by: Grégory SANCHEZ Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/extra-manifests.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c073adcb6..1846575db 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.2 +version: 2.31.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix use prometheus metrics service + description: Fix helm lint error when `extraObjects` is defined diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index f17b1a93b..fc9a76b88 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From f0ac0b7cf400f9f00005e9436de41881a584547d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 5 Aug 2023 12:16:40 +0200 Subject: [PATCH 231/373] fix(argo-cd): Template configuration keys as a string instead of map (#2205) --- charts/argo-cd/Chart.yaml | 6 ++--- charts/argo-cd/templates/_helpers.tpl | 37 +++++++++++++++------------ 2 files changed, 23 insertions(+), 20 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a78601a5e..8a4769acc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.10 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.1 +version: 5.42.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.10 + - kind: fixed + description: Templates for global presets properly renders keys as a string instead of map diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2786d6ede..c4c814daf 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -162,9 +162,11 @@ Create the name of the notifications service account to use Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.cm.presets" -}} +{{- $presets := dict -}} {{- if .Values.configs.styles -}} -ui.cssurl: "./custom/custom.styles.css" +{{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* @@ -183,24 +185,25 @@ Merge Argo Configuration with Preset Configuration {{/* Argo Params Default Configuration Presets +NOTE: Configuration keys must be stored as dict because YAML treats dot as separator */}} {{- define "argo-cd.config.params.presets" -}} -repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}" -server.repo.server.strict.tls: {{ .Values.repoServer.certificateSecret.enabled | toString }} -{{- with include "argo-cd.redis.server" . }} -redis.server: {{ . | quote }} -{{- end }} -{{- if .Values.dex.enabled }} -server.dex.server: {{ include "argo-cd.dex.server" . | quote }} -server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} -{{- end }} -{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} -{{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} -{{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} -{{- end }} -{{- if .Values.applicationSet.enabled }} -applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} -{{- end }} +{{- $presets := dict -}} +{{- $_ := set $presets "repo.server" (printf "%s:%s" (include "argo-cd.repoServer.fullname" .) (.Values.repoServer.service.port | toString)) -}} +{{- $_ := set $presets "server.repo.server.strict.tls" (.Values.repoServer.certificateSecret.enabled | toString ) -}} +{{- $_ := set $presets "redis.server" (include "argo-cd.redis.server" .) -}} +{{- if .Values.dex.enabled -}} +{{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}} +{{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}} +{{- end -}} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- end -}} +{{- if .Values.applicationSet.enabled -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} +{{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* From eae0bdd87117c2eb5e4f666196b6886f13b3f999 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 5 Aug 2023 19:26:24 +0900 Subject: [PATCH 232/373] fix(argo-rollouts): Add required ingress permission (#2207) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/controller/clusterrole.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1846575db..8cc669fb6 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.3 +version: 2.31.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix helm lint error when `extraObjects` is defined + description: Add required ingress permission diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 964daed3d..ab0f7ee15 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -135,6 +135,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index e3b80672b..eb69db628 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -136,6 +136,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: From ebd1ad5103d3f352a4317fab935b305c91a1b9f3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 8 Aug 2023 15:11:34 +0900 Subject: [PATCH 233/373] chore(argo-cd): Upgrade Argo CD to v2.7.11 (#2210) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8a4769acc..1e77b9dbd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.10 +appVersion: v2.7.11 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.2 +version: 5.42.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Templates for global presets properly renders keys as a string instead of map + - kind: changed + description: Upgrade Argo CD to v2.7.11 From 4eae23b5806a97a5e081b0f3f877b9e3b5bf9cf1 Mon Sep 17 00:00:00 2001 From: Engin Diri Date: Tue, 8 Aug 2023 16:08:58 +0200 Subject: [PATCH 234/373] feat(github): add Helm OCI support (#2209) Signed-off-by: Engin Diri --- .github/workflows/publish.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c1d940259..c2d1dc24e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,6 +4,8 @@ on: push: branches: - main + paths: + - "charts/**" permissions: contents: read @@ -12,6 +14,7 @@ jobs: publish: permissions: contents: write # for helm/chart-releaser-action to push chart release and create a release + packages: write # to push OCI chart package to GitHub Registry runs-on: ubuntu-latest steps: - name: Checkout @@ -60,3 +63,20 @@ jobs: config: "./.github/configs/cr.yaml" env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + + - name: Login to GHCR + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push chart to GHCR + run: | + shopt -s nullglob + for pkg in .cr-release-packages/*.tgz; do + if [ -z "${pkg:-}" ]; then + break + fi + helm push "${pkg}" oci://ghcr.io/${{ github.repository }} + done From 3e35b0c7f7d758d553b17f369cc5940484ef5d89 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 8 Aug 2023 16:35:41 +0200 Subject: [PATCH 235/373] feat(argo-cd): Upgrade Argo CD to 2.8.0 (#2170) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- .../statefulset.yaml | 12 + .../argocd-applicationset/deployment.yaml | 73 +- .../argocd-repo-server/deployment.yaml | 12 + .../templates/argocd-server/deployment.yaml | 12 + .../templates/crds/crd-application.yaml | 168 +- .../templates/crds/crd-applicationset.yaml | 5794 +++++++++++------ charts/argo-cd/values.yaml | 2 +- 9 files changed, 4160 insertions(+), 1921 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e77b9dbd..f85b8bb3b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.11 +appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.3 +version: 5.43.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.11 + description: Upgrade Argo CD to 2.8.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 79d134b66..305f09232 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -461,7 +461,7 @@ NAME: my-release | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | -| configs.params."server.enable.gzip" | bool | `false` | Enable GZIP compression | +| configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression | | configs.params."server.insecure" | bool | `false` | Run server without TLS | | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index b671e245a..8faac38da 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -236,6 +236,18 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0e00e28d4..4da1597c2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -93,12 +93,6 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespace - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: @@ -111,6 +105,12 @@ spec: key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG valueFrom: configMapKeyRef: @@ -147,6 +147,54 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} @@ -199,6 +247,8 @@ spec: name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} @@ -248,6 +298,17 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt {{- with .Values.applicationSet.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f438c8b57..b9959018e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -108,6 +108,18 @@ spec: name: argocd-cmd-params-cm key: reposerver.parallelism.limit optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.metrics.listen.address + optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cc9289812..e3f322cb2 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -263,6 +263,18 @@ spec: name: argocd-cmd-params-cm key: server.http.cookie.maxnumber optional: true + - name: ARGOCD_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.listen.address + optional: true + - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.metrics.listen.address + optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index cbb480e65..b4d13a15e 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -297,8 +297,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -586,8 +593,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -992,8 +1006,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1272,8 +1293,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1438,7 +1466,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether to revert resources + description: 'SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1502,7 +1530,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usally an error or warning + condition, which is usually an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1521,6 +1549,10 @@ spec: - type type: object type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string health: description: Health contains information about the application's current health status @@ -1700,8 +1732,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1993,8 +2032,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2431,8 +2478,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over + Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2740,8 +2794,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block + as a block. ValuesObject takes precedence + over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2951,6 +3012,19 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3153,8 +3227,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3457,8 +3539,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3728,6 +3817,42 @@ spec: and must be set to the Kubernetes control plane API type: string type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted + managers. Fields mutated by those managers will take + precedence over the desired state defined in the SCM + and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array source: description: Source is a reference to the application's source used for comparison @@ -3866,8 +3991,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4170,8 +4303,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index ad35b0628..fa0d926a7 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -40,6 +40,8 @@ spec: type: object spec: properties: + applyNestedSelectors: + type: boolean generators: items: properties: @@ -235,6 +237,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -412,6 +417,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -748,6 +756,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -925,6 +936,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1265,6 +1279,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1442,6 +1459,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1586,6 +1606,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -1758,6 +1782,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1935,6 +1962,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2279,6 +2309,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2456,6 +2489,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2792,6 +2828,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2969,6 +3008,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3309,6 +3351,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3486,6 +3531,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3630,6 +3678,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -3802,6 +3854,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3979,6 +4034,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4130,123 +4188,21 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - pullRequest: + plugin: properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: + configMapRef: properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + name: type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object required: - - owner - - repo + - name type: object - gitlab: + input: properties: - api: - type: string - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true type: object - required: - - project type: object requeueAfterSeconds: format: int64 @@ -4411,6 +4367,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4588,6 +4547,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4732,12 +4694,30 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef type: object - scmProvider: + pullRequest: properties: - azureDevOps: + azuredevops: properties: - accessTokenRef: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: properties: key: type: string @@ -4747,46 +4727,58 @@ spec: - key - secretName type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string required: - - accessTokenRef - organization - - teamProject + - project + - repo type: object bitbucket: properties: - allBranches: - type: boolean - appPasswordRef: + api: + type: string + basicAuth: properties: - key: - type: string - secretName: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: type: string required: - - key - - secretName + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef type: object owner: type: string - user: + repo: type: string required: - - appPasswordRef - owner - - user + - repo type: object bitbucketServer: properties: - allBranches: - type: boolean api: type: string basicAuth: @@ -4809,41 +4801,32 @@ spec: type: object project: type: string + repo: + type: string required: - api - project + - repo type: object - cloneProtocol: - type: string filters: items: properties: branchMatch: type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: + targetBranchMatch: type: string type: object type: array gitea: properties: - allBranches: - type: boolean api: type: string insecure: type: boolean owner: type: string + repo: + type: string tokenRef: properties: key: @@ -4857,16 +4840,21 @@ spec: required: - api - owner + - repo type: object github: properties: - allBranches: - type: boolean api: type: string appSecretName: type: string - organization: + labels: + items: + type: string + type: array + owner: + type: string + repo: type: string tokenRef: properties: @@ -4879,18 +4867,23 @@ spec: - secretName type: object required: - - organization + - owner + - repo type: object gitlab: properties: - allBranches: - type: boolean api: type: string - group: - type: string - includeSubgroups: + insecure: type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string tokenRef: properties: key: @@ -4902,7 +4895,7 @@ spec: - secretName type: object required: - - group + - project type: object requeueAfterSeconds: format: int64 @@ -5067,6 +5060,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5244,6 +5240,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5389,562 +5388,212 @@ spec: - spec type: object type: object - selector: + scmProvider: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + awsCodeCommit: properties: - group: + allBranches: + type: boolean + region: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + role: type: string - managedFieldsManagers: + tagFilters: items: - type: string + properties: + key: + type: string + value: + type: string + required: + - key + type: object type: array - name: + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: type: string - namespace: + organization: + type: string + teamProject: type: string required: - - kind + - accessTokenRef + - organization + - teamProject type: object - type: array - info: - items: + bitbucket: properties: - name: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: type: string - value: + user: type: string required: - - name - - value + - appPasswordRef + - owner + - user type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: properties: - name: + key: type: string - path: + secretName: type: string + required: + - key + - secretName type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string type: array - ignoreMissingValueFiles: - type: boolean - parameters: + pathsExist: items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object + type: string type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: + repositoryMatch: type: string type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: + secretName: type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: properties: - chart: + allBranches: + type: boolean + api: type: string - directory: + appSecretName: + type: string + organization: + type: string + tokenRef: properties: - exclude: + key: type: string - include: + secretName: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean + required: + - key + - secretName type: object - helm: + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: + key: type: string - version: + secretName: type: string + required: + - key + - secretName type: object - kustomize: + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: properties: - commonAnnotations: + annotations: additionalProperties: type: string type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: + finalizers: + items: type: string type: array labels: @@ -6095,6 +5744,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6272,6 +5924,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6420,560 +6075,568 @@ spec: additionalProperties: type: string type: object - required: - - configMapRef type: object - clusters: + selector: properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + matchExpressions: + items: + properties: + key: type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: + operator: + type: string + values: + items: type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: + code: type: boolean - valueFiles: - items: - type: string - type: array - values: + name: type: string - version: + value: type: string + required: + - name + - value type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: + name: type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string path: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - repoURL: + value: type: string - targetRevision: + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object - sources: - items: - properties: - chart: + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - directory: + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: properties: - exclude: + code: + type: boolean + name: type: string - include: + value: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean + required: + - name + - value type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object - path: + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + path: type: string - repoURL: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - targetRevision: + value: type: string - required: - - repoURL type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: type: object - required: - - destination - - project + x-kubernetes-preserve-unknown-fields: true + version: + type: string type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: + kustomize: properties: - annotations: + commonAnnotations: additionalProperties: type: string type: object - finalizers: + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: items: type: string type: array @@ -7125,6 +6788,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7302,6 +6968,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7446,18 +7115,38 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - - repoURL - - revision + - configMapRef type: object - list: + clusters: properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object template: properties: metadata: @@ -7618,6 +7307,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7795,6 +7487,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7939,134 +7634,42 @@ spec: - metadata - spec type: object - required: - - elements + values: + additionalProperties: + type: string + type: object type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - pullRequest: + git: properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: + directories: items: properties: - branchMatch: + exclude: + type: boolean + path: type: string + required: + - path type: object type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - labels: - items: + files: + items: + properties: + path: type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string requeueAfterSeconds: format: int64 type: integer + revision: + type: string template: properties: metadata: @@ -8227,6 +7830,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8404,6 +8010,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8548,253 +8157,94 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision type: object - scmProvider: + list: properties: - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: properties: - allBranches: - type: boolean - appPasswordRef: + metadata: properties: - key: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: type: string - secretName: + namespace: type: string - required: - - key - - secretName type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: + spec: properties: - passwordRef: + destination: properties: - key: + name: type: string - secretName: + namespace: + type: string + server: type: string - required: - - key - - secretName type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: type: string revisionHistoryLimit: format: int64 @@ -8836,404 +8286,2814 @@ spec: type: boolean name: type: string - value: + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: + allowEmpty: type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: + prune: type: boolean - releaseName: - type: string - skipCrds: + selfHeal: type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string type: object - kustomize: + managedNamespaceMetadata: properties: - commonAnnotations: + annotations: additionalProperties: type: string type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: + labels: additionalProperties: type: string type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object - path: + type: array + libs: + items: type: string - plugin: + type: array + tlas: + items: properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array + code: + type: boolean name: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array + value: + type: string + required: + - name + - value type: object - ref: + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: type: string - repoURL: + path: type: string - targetRevision: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object - sources: - items: - properties: - chart: + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: + code: type: boolean - valueFiles: - items: - type: string - type: array - values: + name: type: string - version: + value: type: string + required: + - name + - value type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string path: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - repoURL: + value: type: string - targetRevision: + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - type: array - type: object - required: - - destination - - project + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string required: - - metadata - - spec + - repoURL type: object - type: object - selector: - properties: - matchExpressions: - items: + type: array + syncPolicy: + properties: + automated: properties: - key: - type: string - operator: - type: string - values: - items: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: type: string - type: array - required: - - key - - operator + type: object + labels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer template: properties: metadata: @@ -9394,6 +11254,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9571,6 +11434,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9715,12 +11581,89 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - - generators - - mergeKeys + - configMapRef type: object pullRequest: properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object bitbucketServer: properties: api: @@ -9757,6 +11700,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -9816,6 +11761,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -10000,6 +11947,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10177,6 +12127,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10324,6 +12277,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -10480,6 +12453,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -10656,6 +12631,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10833,6 +12811,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10977,6 +12958,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object type: object selector: properties: @@ -11005,6 +12990,10 @@ spec: type: array goTemplate: type: boolean + goTemplateOptions: + items: + type: string + type: array preservedFields: properties: annotations: @@ -11045,6 +13034,13 @@ spec: type: object syncPolicy: properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string preserveResourcesOnDeletion: type: boolean type: object @@ -11208,6 +13204,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11385,6 +13384,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index aa0716441..fb1db35cd 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -253,7 +253,7 @@ configs: # -- Disable Argo CD RBAC for user authentication server.disable.auth: false # -- Enable GZIP compression - server.enable.gzip: false + server.enable.gzip: true # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". server.x.frame.options: sameorigin From b9c7b3104a8957a221362dab7e3d4daab989a9dd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 8 Aug 2023 19:03:57 -0500 Subject: [PATCH 236/373] fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts (#2198) * fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts Add CI for extra objects Signed-off-by: jmeridth * fix: rename extra objects ci file to have -values suffix Signed-off-by: jmeridth --------- Signed-off-by: jmeridth Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../ci/enable-extra-objects-values.yaml | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 charts/argo-rollouts/ci/enable-extra-objects-values.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8cc669fb6..0bf8dfcb8 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.4 +version: 2.31.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add required ingress permission + - kind: added + description: Add CI example for extra objects diff --git a/charts/argo-rollouts/ci/enable-extra-objects-values.yaml b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml new file mode 100644 index 000000000..8d18ecd30 --- /dev/null +++ b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml @@ -0,0 +1,14 @@ +# Test with extraObjects enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: datadog + type: Opaque + data: + address: aHR0cHM6Ly9hcGkuZGF0YWRvZ2hxLmNvbQo= # https://api.datadoghq.com + api-key: dGVzdC1hcGkta2V5Cg== # test-api-key + app-key: dGVzdC1hcHAta2V5Cg== # test-app-key From 51e22106314012c2b4e620ad90b59340b5afb39e Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 9 Aug 2023 10:19:54 +0200 Subject: [PATCH 237/373] fix(argo-cd): Fix global log level configuration (#2213) fix(argo-cd) - Fix global log level configuration Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f85b8bb3b..6140b2cb9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.0 +version: 5.43.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.8.0 + - kind: fixed + description: Fixed global log level configuration diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index c4c814daf..058526862 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -198,7 +198,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- end -}} {{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} {{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} -{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} {{- if .Values.applicationSet.enabled -}} {{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} From 4b7dcd0d31531f44a275729e86880d52c75323ed Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 9 Aug 2023 10:35:48 +0200 Subject: [PATCH 238/373] chore(argo-cd): Change applicationSet replicaCount to replicas (#2214) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/templates/NOTES.txt | 3 +++ .../templates/argocd-applicationset/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 2 +- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6140b2cb9..821de8504 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.1 +version: 5.43.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed global log level configuration + - kind: changed + description: Renamed applicationSet.replicaCount to replicas + - kind: deprecated + description: Option applicationSet.replicaCount diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 305f09232..45a97eb52 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1113,7 +1113,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | +| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | | applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index d79d95f0c..afd18a1b2 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -73,6 +73,9 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.replicaCount }} +DEPRECATED option applicationSet.replicaCount - Use applicationSet.replicas +{{- end }} {{- if .Values.applicationSet.logFormat }} DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 4da1597c2..d8fb8cbc4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -17,7 +17,7 @@ spec: strategy: {{- trim . | nindent 4 }} {{- end }} - replicas: {{ .Values.applicationSet.replicaCount }} + replicas: {{ .Values.applicationSet.replicas | default .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb1db35cd..341cf8da2 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2373,7 +2373,7 @@ applicationSet: name: applicationset-controller # -- The number of ApplicationSet controller pods to run - replicaCount: 1 + replicas: 1 ## ApplicationSet controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From 23708c6a30e059aa2896dbedc4a4ec52d7674ff7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Can=C3=A9vet?= Date: Thu, 10 Aug 2023 00:18:37 +0200 Subject: [PATCH 239/373] fix(argo-cd): add missing permissions to run actions (#2212) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mickaël Canévet --- charts/argo-cd/Chart.yaml | 8 +++----- .../argo-cd/templates/argocd-server/clusterrole.yaml | 12 ++++++++++++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 821de8504..fc7614e1a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.2 +version: 5.43.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Renamed applicationSet.replicaCount to replicas - - kind: deprecated - description: Option applicationSet.replicaCount + - kind: fixed + description: add missing permissions to run actions diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 0f26d4707..3d2c44b55 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -45,4 +45,16 @@ rules: - list - update - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + - create {{- end }} From a64615414d61500835a3de0723a8a9e099540ade Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Thu, 10 Aug 2023 21:14:54 -0400 Subject: [PATCH 240/373] fix(argo-workflows): Server only needs `get` Secrets (#2211) - as of https://github.com/argoproj/argo-workflows/commit/aa366db345d794f0d330336d51eb2a88f14ebbe6, the Server no longer needs `list` or `watch` and only uses `get` - this was released as part of [v3.4.0](https://github.com/argoproj/argo-workflows/blob/master/CHANGELOG.md#v340-rc1-2022-08-09), and the current version of the chart uses v3.4.9 (per `Chart.yaml#appVersion`) - `update` is not needed either for SSO secret - manifests RBAC: https://github.com/argoproj/argo-workflows/blob/a68ea0feabc87c09d5e13d12e6f0d1a61adc5b16/manifests/cluster-install/argo-server-rbac/argo-server-clusterole.yaml#L18 - SSO source code only uses [`create`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L140) and [`get`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L151) - (also some `get`s above that for [`clientID`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L127) and [`clientSecret`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L106) as well) Signed-off-by: Anton Gilgur Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/server/server-cluster-roles.yaml | 3 --- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 681b73b9f..c9ae07a5a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.1 +version: 0.32.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for executor args + - kind: fixed + description: Removed Secrets list and watch from Server RBAC diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 2a52d9567..56d4dcaaa 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -47,7 +47,6 @@ rules: - sso verbs: - get - - update - apiGroups: - "" resources: @@ -71,8 +70,6 @@ rules: - secrets verbs: - get - - list - - watch {{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} From 4e0698ec43f63267e63d741f9bcb8c8489c53859 Mon Sep 17 00:00:00 2001 From: Ali Reza Date: Tue, 15 Aug 2023 10:57:28 +0200 Subject: [PATCH 241/373] docs(argo-cd): Rename comment of repositoryCredentials to credentialTemplates (#2219) Rename comment of repositoryCredentials to credentialTemplates Signed-off-by: Ali Reza --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fc7614e1a..6865acb08 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.3 +version: 5.43.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: add missing permissions to run actions + description: Rename comment of repositoryCredentials to credentialTemplates diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 341cf8da2..d748234eb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -476,7 +476,7 @@ configs: # -- Repositories list to be used by applications ## Creates a secret for each key/value specified below to create repositories - ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + ## Note: the last example in the list would use a repository credential template, configured under "configs.credentialTemplates". repositories: {} # istio-helm-repo: # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts From 3737457b0fd8e3f05da8aec80da86911be24fcf6 Mon Sep 17 00:00:00 2001 From: Nick Kampe Date: Wed, 16 Aug 2023 02:01:43 -0500 Subject: [PATCH 242/373] feat(argo-rollouts): update servicemonitor.yaml to allow for namespace to be set (#2222) * Update servicemonitor.yaml to allow for namespace to be set Signed-off-by: Nick Kampe * Update README.md Signed-off-by: Nick Kampe * Update values.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Alphabetized namespace addition in README Signed-off-by: Nick Kampe --------- Signed-off-by: Nick Kampe --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/servicemonitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0bf8dfcb8..2aba36f12 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.5 +version: 2.31.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add CI example for extra objects + description: Add ability to set namespace on ServiceMonitor resource diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4e0287795..b91989988 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -98,6 +98,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.namespace | string | `""` | Namespace to be used for the ServiceMonitor | | controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 62713764e..d7ab901e3 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f9d8e1cfe..b711ee37d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -132,6 +132,8 @@ controller: serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false + # -- Namespace to be used for the ServiceMonitor + namespace: "" # -- Labels to be added to the ServiceMonitor additionalLabels: {} # -- Annotations to be added to the ServiceMonitor From 92b2724b0fa82186bb13c452947c216cc04bd5f0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Wed, 16 Aug 2023 06:00:35 -0500 Subject: [PATCH 243/373] chore(argo-workflows): Upgrade to Argo Workflows v3.4.10 (#2220) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c9ae07a5a..6413a6589 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.9 +appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.2 +version: 0.32.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Removed Secrets list and watch from Server RBAC + - kind: changed + description: Upgrade to Argo Workflows v3.4.10 From dc56fa63f3baceaf2684fe0874e6851d9f3451cb Mon Sep 17 00:00:00 2001 From: Fuochi Date: Thu, 17 Aug 2023 14:08:03 +0200 Subject: [PATCH 244/373] feat(argo-workflows): add imagePullSecret for workflow sa (#2226) Signed-off-by: Fuochi --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/controller/workflow-sa.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6413a6589..6741d7e0e 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.3 +version: 0.33.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.10 + - kind: added + description: add imagePullSecret for workflow sa diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index eb57fe448..ef78bc5ba 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -127,6 +127,7 @@ Fields to note: | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | | workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | | workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | +| workflow.serviceAccount.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` | ### Workflow Controller diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 8928b32e8..273487c48 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -17,5 +17,9 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} + {{- with $.Values.workflow.serviceAccount.pullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bfc3ce3f5..a9c827e70 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -54,6 +54,8 @@ workflow: annotations: {} # -- Service account which is used to run workflows name: "argo-workflow" + # -- Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` + pullSecrets: [] rbac: # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) From a9acf935ab3abc442f41ccadd0a62e94ec1cd205 Mon Sep 17 00:00:00 2001 From: Jeongwon Song <46633758+jsong336@users.noreply.github.com> Date: Sat, 19 Aug 2023 01:59:46 -0400 Subject: [PATCH 245/373] chore(argo-workflows): update comment for azure artifact repository blobNameFormat (#2229) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6741d7e0e..1c60fbb4f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.0 +version: 0.33.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add imagePullSecret for workflow sa + - kind: fixed + description: fixed comment in values.yaml for blobNameFormat field diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index a9c827e70..d6d224646 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -752,7 +752,7 @@ artifactRepository: azure: {} # endpoint: https://mystorageaccountname.blob.core.windows.net # container: my-container-name - # blob: path/in/container + # blobNameFormat: path/in/container ## accountKeySecret is a secret selector. ## It references the k8s secret named 'my-azure-storage-credentials'. ## This secret is expected to have have the key 'account-access-key', From 7dcc174402d4a81dcdd6324bd7be095a3c52a921 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 23 Aug 2023 12:52:03 +0900 Subject: [PATCH 246/373] chore(argo-cd): Upgrade Argo CD to v2.8.1 (#2230) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6865acb08..a9ecf5617 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.0 +appVersion: v2.8.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.4 +version: 5.43.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Rename comment of repositoryCredentials to credentialTemplates + - kind: changed + description: Upgrade Argo CD to v2.8.1 From 58999c1aae652baeef4df169a5a758cabebdadf7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 25 Aug 2023 17:45:53 +0900 Subject: [PATCH 247/373] chore(argo-cd): Upgrade Argo CD to v2.8.2 (#2231) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a9ecf5617..01d4e8e18 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1 +appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.5 +version: 5.43.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.8.1 + description: Upgrade Argo CD to v2.8.2 From 86d92b95964e31c2f7ef071e6cd3dcc72be52f16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joonas=20Ven=C3=A4l=C3=A4inen?= <38143731+joonvena@users.noreply.github.com> Date: Fri, 25 Aug 2023 13:52:04 +0300 Subject: [PATCH 248/373] fix(argo-cd): Fix applicationSet HA examples in README.md (#2232) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Joonas Venäläinen --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01d4e8e18..4fa32c98d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.6 +version: 5.43.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.2 + - kind: fixed + description: Fix applicationSet HA examples in README.md diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 45a97eb52..04a78ca41 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -42,7 +42,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -61,7 +61,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f1dea7f2d..dce6d9224 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -41,7 +41,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -60,7 +60,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository From 75221849eb5888768515c4ead5702bd4f683f118 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 26 Aug 2023 20:23:07 +0200 Subject: [PATCH 249/373] chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#2234) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd8d22554..a78bf610a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c2d1dc24e..9ad42ed76 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 066d3c57e..3f00b6dd5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: persist-credentials: false From 2fc1fd04a01d98c6fb40b8fbad9fa01d1be2a477 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 27 Aug 2023 04:20:39 +0200 Subject: [PATCH 250/373] chore(argo-cd): Upgrade redis-exporter to 1.53.0 (#2236) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4fa32c98d..dc245d83b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.7 +version: 5.43.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix applicationSet HA examples in README.md + - kind: changed + description: Upgrade redis-exporter to 1.53.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04a78ca41..ee37a2b74 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -942,7 +942,7 @@ server: | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | @@ -1003,7 +1003,7 @@ The main options are listed here: | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d748234eb..fb2ca38dc 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1182,7 +1182,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1388,7 +1388,7 @@ redis-ha: # -- Repository to use for the redis-exporter image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false From 6797f01c1b564132670cf687ba010c72d5800de0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 27 Aug 2023 21:07:17 +0200 Subject: [PATCH 251/373] chore(argo-cd): Remove support for legacy cert-manager APIs (#2238) * chore(argo-cd): Remove support for legacy cert-manager APIs Signed-off-by: Petr Drastil * Bump minor version Signed-off-by: Petr Drastil --------- Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/NOTES.txt | 3 +++ charts/argo-cd/templates/_versions.tpl | 18 ------------------ .../argocd-applicationset/certificate.yaml | 2 +- .../templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 2 -- 7 files changed, 8 insertions(+), 26 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dc245d83b..37d6e1ae6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.8 +version: 5.44.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade redis-exporter to 1.53.0 + - kind: removed + description: Support for cert-manager APIs prior K8s 1.22 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ee37a2b74..bf76f1d6a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -384,7 +384,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | -| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index afd18a1b2..18b9a1a17 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -121,6 +121,9 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} +{{- if .Values.apiVersionOverrides.certmanager }} +REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 8240c4b09..b8fcc32ef 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -19,24 +19,6 @@ Return the appropriate apiVersion for autoscaling {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for cert-manager -*/}} -{{- define "argo-cd.apiVersion.cert-manager" -}} -{{- if .Values.apiVersionOverrides.certmanager -}} -{{- print .Values.apiVersionOverrides.certmanager -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} -{{- print "cert-manager.io/v1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}} -{{- print "cert-manager.io/v1beta1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} -{{- print "cert-manager.io/v1alpha3" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} -{{- print "cert-manager.io/v1alpha2" -}} -{{- else -}} -{{- print "certmanager.k8s.io/v1alpha1" -}} -{{- end -}} -{{- end -}} {{/* Return the appropriate apiVersion for GKE resources diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index f3b7d5d15..76e63eb31 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 716c38ea1..74066ef8f 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb2ca38dc..81b96ad8f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -12,8 +12,6 @@ kubeVersionOverride: "" # If you want to template helm charts but cannot access k8s API server # you can set api versions here apiVersionOverrides: - # -- String to override apiVersion of cert-manager resources rendered by this helm chart - certmanager: "" # cert-manager.io/v1 # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart From 224a227fa49b00fabfb535825c9bd5648f16a30a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 28 Aug 2023 10:12:29 +0200 Subject: [PATCH 252/373] chore(argo-cd): Remove support for autoscaling/v1 (#2237) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 5 ++- charts/argo-cd/templates/NOTES.txt | 3 ++ charts/argo-cd/templates/_versions.tpl | 14 -------- .../templates/argocd-repo-server/hpa.yaml | 34 +++++++------------ .../argo-cd/templates/argocd-server/hpa.yaml | 34 +++++++------------ charts/argo-cd/values.yaml | 4 --- 7 files changed, 35 insertions(+), 65 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37d6e1ae6..4c262f653 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.44.0 +version: 5.45.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: removed - description: Support for cert-manager APIs prior K8s 1.22 + description: Option apiVersionOverrides.autoscaling as v2 is now GA + - kind: removed + description: Codebase for autoscaling/v1 API diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bf76f1d6a..125fcf697 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -383,7 +383,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | @@ -572,7 +571,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | | repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | @@ -670,7 +669,7 @@ NAME: my-release | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | | server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 18b9a1a17..1b6267969 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -121,6 +121,9 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} +{{- if .Values.apiVersionOverrides.autoscaling }} +REMOVED option apiVersionOverrides.autoscaling - API autoscaling/v2 is GA from 1.23 +{{- end }} {{- if .Values.apiVersionOverrides.certmanager }} REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 {{- end }} diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index b8fcc32ef..5d65fcd6d 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -6,20 +6,6 @@ Return the target Kubernetes version {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end }} -{{/* -Return the appropriate apiVersion for autoscaling -*/}} -{{- define "argo-cd.apiVersion.autoscaling" -}} -{{- if .Values.apiVersionOverrides.autoscaling -}} -{{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "autoscaling/v2beta1" -}} -{{- else -}} -{{- print "autoscaling/v2" -}} -{{- end -}} -{{- end -}} - - {{/* Return the appropriate apiVersion for GKE resources */}} diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index ef3d5e80b..ce6ed371d 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -1,46 +1,38 @@ {{- if .Values.repoServer.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} - name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + name: {{ include "argo-cd.repoServer.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: - {{- if .Values.repoServer.autoscaling.metrics }} - {{- toYaml .Values.repoServer.autoscaling.metrics | nindent 4 }} + {{- with .Values.repoServer.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} {{- else }} - {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index c19b89433..a509e5694 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -1,47 +1,39 @@ {{- if .Values.server.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} - name: {{ template "argo-cd.server.fullname" . }}-hpa + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: - {{- if .Values.server.autoscaling.metrics }} - {{ toYaml .Values.server.autoscaling.metrics | nindent 4 }} + {{- with .Values.server.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} {{- else }} - {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} - {{- end}} {{- with .Values.server.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 81b96ad8f..77501eb8a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -14,8 +14,6 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 - # -- String to override apiVersion of autoscaling rendered by this helm chart - autoscaling: "" # autoscaling/v2 # -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -1460,7 +1458,6 @@ server: # -- Average memory utilization percentage for the Argo CD server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 @@ -2030,7 +2027,6 @@ repoServer: # -- Average memory utilization percentage for the repo server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 From 57da3549afc43c12d261768e69a6316db7b59e0d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 3 Sep 2023 20:15:15 -0500 Subject: [PATCH 253/373] chore(argo-events): Upgrade argo-events to 1.8.1 (#2247) https://github.com/argoproj/argo-events/releases/tag/v1.8.1 Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index bfb82ea11..b9f441fe8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.0 +appVersion: v1.8.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.0 +version: 2.4.1 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,6 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Events to v1.8.0 - - kind: added - description: Add managed namespace configuration + description: Upgrade Argo Events to v1.8.1 From cd5b9a06e33b9a7b4b717d2d5e38dee7e16ca20d Mon Sep 17 00:00:00 2001 From: JesseBot Date: Mon, 4 Sep 2023 13:01:36 +0200 Subject: [PATCH 254/373] fix(argo-cd): Update values.yaml - update custom css styles side bar example (#2245) * Update values.yaml - update custom css styles side barexample .nav-bar is no longer the css class name Signed-off-by: JesseBot * Update Chart.yaml - update patch version for values.yaml comment update Signed-off-by: JesseBot * Update Chart.yaml - update change log Signed-off-by: JesseBot --------- Signed-off-by: JesseBot --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/values.yaml | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4c262f653..18d2d2b48 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.0 +version: 5.45.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: removed - description: Option apiVersionOverrides.autoscaling as v2 is now GA - - kind: removed - description: Codebase for autoscaling/v1 API + - kind: fixed + description: fixed example for configs.styles to be sidebar instead of nav-bar diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 77501eb8a..e0a605430 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -539,7 +539,7 @@ configs: ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ styles: "" # styles: | - # .nav-bar { + # .sidebar { # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); # } From 2557347583f98a34cbe2da83ec30fda68023b982 Mon Sep 17 00:00:00 2001 From: Gustav Kofoed Clausen Date: Thu, 7 Sep 2023 14:23:20 +0200 Subject: [PATCH 255/373] chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 (#2252) * chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 Signed-off-by: Gustav Kofoed Clausen * chore(argo-rollouts): Update CRDs to matching version Signed-off-by: Gustav Kofoed Clausen --------- Signed-off-by: Gustav Kofoed Clausen Co-authored-by: Gustav Kofoed Clausen --- charts/argo-rollouts/Chart.yaml | 8 +- .../templates/crds/analysis-run-crd.yaml | 63 +++++++++++++- .../templates/crds/analysis-template-crd.yaml | 63 +++++++++++++- .../crds/cluster-analysis-template-crd.yaml | 63 +++++++++++++- .../templates/crds/experiment-crd.yaml | 34 +++++++- .../templates/crds/rollout-crd.yaml | 85 ++++++++++++++++++- 6 files changed, 306 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2aba36f12..457f76a09 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.1 +appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.6 +version: 2.32.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add ability to set namespace on ServiceMonitor resource + - kind: changed + description: Upgrade Argo Rollouts to v1.6.0 diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index bc2e61dbc..7324e908c 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -310,6 +310,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -372,6 +373,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -418,10 +420,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -453,6 +457,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -476,6 +481,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -519,6 +525,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -542,6 +549,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -583,6 +591,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -606,6 +615,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -649,6 +659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -672,6 +683,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -717,6 +729,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -726,6 +739,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -741,6 +755,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -752,6 +767,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -767,6 +783,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -776,6 +793,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1316,6 +1334,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1325,6 +1344,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1340,6 +1360,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1351,6 +1372,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1366,6 +1388,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1375,6 +1398,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1889,6 +1913,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1921,6 +1946,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1930,6 +1956,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1945,6 +1972,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1956,6 +1984,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1971,6 +2000,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1980,6 +2010,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2628,6 +2659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2775,8 +2807,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 2c73c5c96..934790970 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 612608de4..669773748 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index acf989351..2f60d415b 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -158,6 +158,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -223,6 +224,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -269,10 +271,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -304,6 +308,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -327,6 +332,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -370,6 +376,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -393,6 +400,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -434,6 +442,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -457,6 +466,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -500,6 +510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -523,6 +534,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -568,6 +580,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -577,6 +590,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -592,6 +606,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -603,6 +618,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -618,6 +634,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -627,6 +644,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1167,6 +1185,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1176,6 +1195,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1191,6 +1211,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1202,6 +1223,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1217,6 +1239,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1226,6 +1249,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1740,6 +1764,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1772,6 +1797,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1781,6 +1807,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1796,6 +1823,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1807,6 +1835,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1822,6 +1851,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1831,6 +1861,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2479,6 +2510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 45f59ee0c..7faf37904 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -118,6 +118,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic strategy: properties: blueGreen: @@ -624,6 +625,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -742,6 +744,10 @@ spec: type: string ingress: type: string + ingresses: + items: + type: string + type: array rootService: type: string servicePort: @@ -759,7 +765,6 @@ spec: - enabled type: object required: - - ingress - servicePort type: object ambassador: @@ -1003,6 +1008,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -1049,10 +1055,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -1084,6 +1092,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1107,6 +1116,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1150,6 +1160,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1173,6 +1184,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1214,6 +1226,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1237,6 +1250,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1280,6 +1294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1303,6 +1318,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1348,6 +1364,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1357,6 +1374,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1372,6 +1390,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1383,6 +1402,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1398,6 +1418,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1407,6 +1428,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1947,6 +1969,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1956,6 +1979,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1971,6 +1995,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1982,6 +2007,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1997,6 +2023,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2006,6 +2033,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2520,6 +2548,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -2552,6 +2581,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -2561,6 +2591,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -2576,6 +2607,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -2587,6 +2619,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -2602,6 +2635,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2611,6 +2645,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -3259,6 +3294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -3330,6 +3366,8 @@ spec: - arn - name type: object + ingress: + type: string loadBalancer: properties: arn: @@ -3355,6 +3393,49 @@ spec: - name type: object type: object + albs: + items: + properties: + canaryTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + ingress: + type: string + loadBalancer: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + stableTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + type: object + type: array availableReplicas: format: int32 type: integer From 258efc9a0c4c5d6bdd13339489f2689018652218 Mon Sep 17 00:00:00 2001 From: Tamas Szasz Date: Thu, 7 Sep 2023 16:52:17 +0300 Subject: [PATCH 256/373] fix(argo-cd): Make the PathType configurable when using single ingress resource in AWS (#2251) * Make the PathType configurable when using single ingress resource in AWS Signed-off-by: Tamas * update chart version and doc Signed-off-by: Tamas * Fix reference to value in range Signed-off-by: Tamas --------- Signed-off-by: Tamas Co-authored-by: Tamas --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 18d2d2b48..18c029e2e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.1 +version: 5.45.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: fixed example for configs.styles to be sidebar instead of nav-bar + description: do not hardcode the pathtype of the grpc ingress rule when using a single ingress resource in aws alb diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 98ec1cb12..a142bb666 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -39,7 +39,7 @@ spec: {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - pathType: Prefix + pathType: {{ $.Values.server.ingressGrpc.pathType }} backend: service: name: {{ template "argo-cd.server.fullname" $ }}-grpc From 3bb85b7d3eb0dfec12f195b5afc06b3bda70b5c3 Mon Sep 17 00:00:00 2001 From: Alexej Disterhoft Date: Fri, 8 Sep 2023 02:08:37 +0200 Subject: [PATCH 257/373] chore(argo-cd): Upgrade Argo CD to v2.8.3 (#2254) Signed-off-by: Alexej Disterhoft --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 18c029e2e..76534308b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.2 +appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.2 +version: 5.45.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: do not hardcode the pathtype of the grpc ingress rule when using a single ingress resource in aws alb + - kind: changed + description: Upgrade Argo CD to v2.8.3 From 925cd8454ca2c648273e303c06f9f7560ffdc2f1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 8 Sep 2023 13:10:55 +0900 Subject: [PATCH 258/373] chore(argo-workflows): Upgrade Argo Workflows to v3.4.11 (#2255) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1c60fbb4f..60dd66c88 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.10 +appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.1 +version: 0.33.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed comment in values.yaml for blobNameFormat field + - kind: changed + description: Upgrade Argo Workflows to v3.4.11 From 95310f995b24226b2532d28d57f2b6de8687738b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 8 Sep 2023 23:02:25 +0900 Subject: [PATCH 259/373] fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM (#2235) * fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM Signed-off-by: yu-croco * fix(argo-cd): Aligne condition to argocd-cm Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 3 +++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 76534308b..345a2ae1b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.3 +version: 5.45.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.3 + - kind: fixed + description: Restart Repo Server and Application Controller as following the change of Argo CD CM diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 8faac38da..3583a2b72 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -23,6 +23,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index b9959018e..61fb545a1 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -30,6 +30,9 @@ spec: {{- if .Values.repoServer.certificateSecret.enabled }} checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} {{- end }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 34663ae9e6528098cc54a4465634154d48b14fce Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 8 Sep 2023 16:58:05 +0200 Subject: [PATCH 260/373] docs(argo-cd): Document scheduling parameters for redis-ha (#2253) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 10 ++++++++++ charts/argo-cd/values.yaml | 37 +++++++++++++++++++++++++++++++------ 3 files changed, 44 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 345a2ae1b..39ecaeb6d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.4 +version: 5.45.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Restart Repo Server and Application Controller as following the change of Argo CD CM + - kind: added + description: Documented scheduling parameters for redis-ha diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 125fcf697..49abfcea3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -998,17 +998,27 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| +| redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | +| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | +| redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | +| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | +| redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | +| redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | +| redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | +| redis-ha.image.repository | string | `"redis"` | Redis repository | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +| redis-ha.tolerations | list | `[]` | [Tolerations] for use with node taints for Redis pods. | +| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. | | redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e0a605430..a9ab7ad63 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1371,12 +1371,17 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} -# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) -# the custom redis deployment is omitted -# Check the redis-ha chart for more properties +## Redis-HA subchart replaces custom redis deployment when `redis-ha.enabled=true` +# Ref: https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/values.yaml redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Redis image + image: + # -- Redis repository + repository: redis + # -- Redis tag + tag: 7.0.11-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar @@ -1388,6 +1393,7 @@ redis-ha: persistentVolume: # -- Configures persistence on Redis nodes enabled: false + ## Redis specific configuration options redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated masterGroupName: argocd @@ -1397,16 +1403,35 @@ redis-ha: # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled # @default -- `'""'` save: '""' + ## Enables a HA Proxy for better LoadBalancing / Sentinel Master support. Automatically proxies to Redis master. haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true metrics: # -- HAProxy enable prometheus metric scraping enabled: true - image: - # -- Redis tag - tag: 7.0.11-alpine + # -- Whether the haproxy pods should be forced to run on separate nodes. + hardAntiAffinity: true + # -- Additional affinities to add to the haproxy pods. + additionalAffinities: {} + # -- Assign custom [affinity] rules to the haproxy pods. + affinity: {} + # -- [Tolerations] for use with node taints for haproxy pods. + tolerations: [] + + # -- Whether the Redis server pods should be forced to run on separate nodes. + hardAntiAffinity: true + + # -- Additional affinities to add to the Redis server pods. + additionalAffinities: {} + + # -- Assign custom [affinity] rules to the Redis pods. + affinity: {} + + # -- [Tolerations] for use with node taints for Redis pods. + tolerations: [] + # -- Assign custom [TopologySpreadConstraints] rules to the Redis pods. ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: # -- Enable Redis HA topology spread constraints From eebb8c8d489ea41ce5ba388a14208c8e05cff67a Mon Sep 17 00:00:00 2001 From: Andrew Hamilton Date: Sat, 9 Sep 2023 01:55:47 -0700 Subject: [PATCH 261/373] feat(argo-cd): adds toggle for helm-working-dir (#2249) - Adds a toggle to be able to turn off the helm-working-dir for the repo server deployment. Using a shared helm repo storage directory can cause issues when multiple helm commands are being run in parallel. The repo server also has the ability to rebuild the repos and do updates in the normal flow for checking the status of an application so it won't cause issues if it's disabled. Signed-off-by: Andrew Hamilton --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 6 ++++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 39ecaeb6d..fcbd06424 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.5 +version: 5.46.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Documented scheduling parameters for redis-ha + description: added a toggle for the shared Helm working directory diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 49abfcea3..5b780b0bd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -655,6 +655,7 @@ NAME: my-release | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 61fb545a1..3080c79fd 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -231,12 +231,14 @@ spec: key: reposerver.enable.git.submodule name: argocd-cmd-params-cm optional: true + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir - name: HELM_CONFIG_HOME value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir + {{- end }} {{- with .Values.repoServer.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -255,8 +257,10 @@ spec: name: gpg-keyring - mountPath: /app/config/reposerver/tls name: argocd-repo-server-tls + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - mountPath: /helm-working-dir name: helm-working-dir + {{- end }} - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp @@ -349,8 +353,10 @@ spec: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} {{- end }} + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: helm-working-dir emptyDir: {} + {{- end }} - name: plugins emptyDir: {} - name: var-files diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a9ab7ad63..22dcfcc63 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2177,6 +2177,9 @@ repoServer: # - name: cmp-tmp # emptyDir: {} + # -- Toggle the usage of a ephemeral Helm working directory + useEphemeralHelmWorkingDir: true + # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} From 738fe78d2096b6543114b1d94d5dba6157b78adf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 18:39:19 +0900 Subject: [PATCH 262/373] chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#2258) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index a78bf610a..52e4746b9 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9ad42ed76..0c8f7cbf0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3f00b6dd5..86ff1a7ba 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: persist-credentials: false From 366114b3db06170065a80eeb773c010ad7f251d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 18:40:59 +0900 Subject: [PATCH 263/373] chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2259) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/0b7f8abb1508181956e8e162db84b466c27e18ce...a8a3f3ad30e3422c9c7b888a15615d19a852ae32) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 86ff1a7ba..8a924219d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: SARIF file path: results.sarif From db76bbed97c6be2248446debdc00e1c75cb6f3f5 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sat, 9 Sep 2023 21:57:17 -0400 Subject: [PATCH 264/373] docs(argo-workflows): add an HA section (#2183) * feat(argo-workflows): add a sample HA config - a `values-ha.yaml` as an example for how one would set-up HA according to the Argo Workflows docs Signed-off-by: Anton Gilgur * docs(argo-workflows): add an HA section - plus add a test for HA, which the docs link to as an example - link back to [upstream docs](https://argoproj.github.io/argo-workflows/high-availability/) as well - follow the same basic structure as the [Argo CD chart for HA](https://github.com/argoproj/argo-helm/blob/3e35b0c7f7d758d553b17f369cc5940484ef5d89/charts/argo-cd/README.md?plain=1#L17) - as asked in review Signed-off-by: Anton Gilgur --------- Signed-off-by: Anton Gilgur Signed-off-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 5 +++++ charts/argo-workflows/README.md.gotmpl | 5 +++++ charts/argo-workflows/ci/ha-values.yaml | 23 +++++++++++++++++++++++ 4 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 charts/argo-workflows/ci/ha-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60dd66c88..85de8f7e5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.2 +version: 0.33.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.11 + - kind: fixed + description: Add HA docs and example diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index ef78bc5ba..732baecdd 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 8316e9a0a..60aa62afa 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/ci/ha-values.yaml b/charts/argo-workflows/ci/ha-values.yaml new file mode 100644 index 000000000..3dfbb572a --- /dev/null +++ b/charts/argo-workflows/ci/ha-values.yaml @@ -0,0 +1,23 @@ +# Sample values for High Availability configuration, following https://argoproj.github.io/argo-workflows/high-availability/ + +controller: + # in v3.0+, a second controller can be ran as a hot-standby: https://argoproj.github.io/argo-workflows/high-availability/#workflow-controller + replicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 + +server: + # enable HPA with at least two Pods + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: true + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 From 95f56b534c69b33190f0db106a93e6781a7b6ed4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 11 Sep 2023 22:24:21 +0900 Subject: [PATCH 265/373] fix(argo-cd): Migrate leftover of applicationSet.replicaCount to applicationSet.replicas (#2261) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fcbd06424..291f33dc7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.0 +version: 5.46.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: added a toggle for the shared Helm working directory + - kind: fixed + description: Migrate leftover of applicationSet.replicaCount to applicationSet.replicas diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 058526862..b5d62a6ab 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -201,7 +201,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} {{- if .Values.applicationSet.enabled -}} -{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt ((.Values.applicationSet.replicas | default .Values.applicationSet.replicaCount) | int64) 1) -}} {{- end -}} {{- toYaml $presets }} {{- end -}} From d51d3c6b692e9729869bb1180bcaa7b18ef1f771 Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Mon, 11 Sep 2023 19:32:56 -0400 Subject: [PATCH 266/373] docs(argo-cd): improve changelog (#2262) * clarify 5.19.0 changes * revise wording Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 291f33dc7..82e892e26 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.1 +version: 5.46.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Migrate leftover of applicationSet.replicaCount to applicationSet.replicas + - kind: changed + description: Improve readme migration notes diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5b780b0bd..abb6be29e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -106,7 +106,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index dce6d9224..5dc048b44 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -105,7 +105,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 From bf1e4f2dde154a91e97c325748ca7e3681988cc9 Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Wed, 13 Sep 2023 09:48:41 -0400 Subject: [PATCH 267/373] fix(github): Fix changelog spelling of versions (#2263) Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Co-authored-by: Aikawa --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1f7745b5f..d67ddefc5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -64,7 +64,7 @@ Each release for each chart must be immutable. Any change to a chart (even just ### Chart Versioning -Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future. +Currently we require a chart version bump for every change to a chart, including updating information for older versions. This may change in the future. ### Artifact Hub Annotations From 44ddf5986426379f120f111a91a69db95c2c4498 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 14 Sep 2023 13:33:34 +0900 Subject: [PATCH 268/373] chore(argo-cd): Upgrade Argo CD to v2.8.4 (#2268) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 82e892e26..b56bf88fe 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.3 +appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.2 +version: 5.46.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Improve readme migration notes + description: Upgrade Argo CD to v2.8.4 diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 3d2c44b55..838016fa0 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -48,6 +48,7 @@ rules: - apiGroups: - batch resources: + {{/* supports triggering jobs from UI */}} - jobs verbs: - create @@ -56,5 +57,6 @@ rules: resources: - workflows verbs: + {{/* supports triggering workflows from UI */}} - create {{- end }} From 736b82433918304b086aaa4401f84f366eecd8b9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 15 Sep 2023 19:47:59 +0900 Subject: [PATCH 269/373] fix(argo-cd): Align redis-ha's affinity type to upstream due to warnings (#2270) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b56bf88fe..49d2233c9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.3 +version: 5.46.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.4 + - kind: fixed + description: Align redis-ha's affinity type to upstream due to warnings diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index abb6be29e..bb51d130b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1000,13 +1000,13 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | -| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | -| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 22dcfcc63..fb078ac65 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1415,7 +1415,7 @@ redis-ha: # -- Additional affinities to add to the haproxy pods. additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] @@ -1426,7 +1426,7 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the Redis pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for Redis pods. tolerations: [] From 8d00bec86ebb64f2bbd428e3aaaf535e708ed5e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Sep 2023 07:15:00 -0500 Subject: [PATCH 270/373] chore(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#2271) --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0c8f7cbf0..07319d36c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -65,7 +65,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ghcr.io username: ${{ github.actor }} From 5626d0536f6f3e43273d2efa3b98641e29dcb4aa Mon Sep 17 00:00:00 2001 From: Mats Willemsen <60099717+ma-ts@users.noreply.github.com> Date: Mon, 18 Sep 2023 15:21:36 +0200 Subject: [PATCH 271/373] fix(argo-cd): make ServiceMonitor annotations in ArgoCD server conditional (#2273) * fix: add argocd servicemonitor annotations conditionally Signed-off-by: Mats Willemsen * chore(argo-cd): add changelog Signed-off-by: Mats Willemsen --------- Signed-off-by: Mats Willemsen --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 49d2233c9..9b423e8f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.4 +version: 5.46.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Align redis-ha's affinity type to upstream due to warnings + description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index f876a1a18..d036a8e17 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -12,10 +12,10 @@ metadata: {{- with .Values.server.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.metrics.serviceMonitor.annotations }} annotations: - {{- range $key, $value := .Values.server.metrics.serviceMonitor.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.server.metrics.service.portName }} From 7a17fc2dc9688ce4db918079c13c83d8bd84c3d4 Mon Sep 17 00:00:00 2001 From: sibucan Date: Tue, 19 Sep 2023 05:01:42 -0400 Subject: [PATCH 272/373] fix(argo-cd): Add checksum for CMP ConfigMap in repo-server Pod annotations (#2275) Add checksum for CMP ConfigMap in repo-server This helm chart defines the plugins as ConfigMaps -- according to the docs, when the CM is modified, the repo-server Pod must be restarted to have the sidecars pick up the latest changes: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#debugging-a-cmp The changes in this helm chart allow for a checksum to be calculated from the ConfigMap and added as a Pod annotation so whenever the CM values are modified, the Pod is restarted automatically. Signed-off-by: sibucan --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9b423e8f0..20d4f52a4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.5 +version: 5.46.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined + description: fixed repo-server deployment not restarting when a cmp configmap is modified diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3080c79fd..ea54e79d3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -33,6 +33,9 @@ spec: {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} + {{- if .Values.configs.cmp.create }} + checksum/cmp-cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmp-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 2a5bbf5cefdf8546bbf612ecf59c898996492142 Mon Sep 17 00:00:00 2001 From: Pieter <110168856+Pionerd@users.noreply.github.com> Date: Fri, 22 Sep 2023 17:39:58 +0200 Subject: [PATCH 273/373] fix(argo-cd): Redis to 7.0.13 to fix CVE-2022-48174 (#2279) * Redis to 7.0.13 Signed-off-by: Pieter van der Giessen * changelog Signed-off-by: Pieter van der Giessen --------- Signed-off-by: Pieter van der Giessen --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 20d4f52a4..1bfed795c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.6 +version: 5.46.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed repo-server deployment not restarting when a cmp configmap is modified + - kind: security + description: updated redis dependency to 7.0.13-alpine to fix CVE-2022-48174 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb51d130b..166619712 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -947,7 +947,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -1013,7 +1013,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb078ac65..fed4e97c4 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1162,7 +1162,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.11-alpine + tag: 7.0.13-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1381,7 +1381,7 @@ redis-ha: # -- Redis repository repository: redis # -- Redis tag - tag: 7.0.11-alpine + tag: 7.0.13-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar From 03c1be1c6d92eae55a77b4d691dcdb470f8c68c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 Sep 2023 20:45:16 +0900 Subject: [PATCH 274/373] chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#2280) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 52e4746b9..719651eda 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 07319d36c..99f0698d0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8a924219d..a02eda747 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false From 82081bce8ca4491a2a03e08dc04eec4f72c635cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Sep 2023 22:53:47 -0500 Subject: [PATCH 275/373] chore(deps): bump amannn/action-semantic-pull-request from 5.2.0 to 5.3.0 (#2284) --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 2d45de124..be77f1aef 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0 + - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From e9f6b1a8b48c499b8124df1b7d1db33dad979974 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Oct 2023 07:19:01 -0500 Subject: [PATCH 276/373] chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 (#2290) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a02eda747..b1dc3b042 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 with: results_file: results.sarif results_format: sarif From 37069f92c953a7e1da2e281d4fdab9b368b737da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Oct 2023 07:37:13 -0500 Subject: [PATCH 277/373] chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 (#2289) --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 719651eda..9ac90a30d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.9 From 052454f23392d957e8374aaffc5005baba211bd5 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 12 Oct 2023 11:50:51 +0200 Subject: [PATCH 278/373] fix(argo-cd): Sync redis / redis-ha readOnlyRootFilesystem from upstream (#2294) Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/values.yaml | 10 ++++++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1bfed795c..5f4379441 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.7 +version: 5.46.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: security - description: updated redis dependency to 7.0.13-alpine to fix CVE-2022-48174 + - kind: fixed + description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 166619712..b2101038f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1001,12 +1001,14 @@ The main options are listed here: |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | | redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.containerSecurityContext | object | See [values.yaml] | Redis HA statefulset container-level security context | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fed4e97c4..b029dfaab 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1279,6 +1279,7 @@ redis: # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -1416,8 +1417,13 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. affinity: | + # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] + # -- HAProxy container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + readOnlyRootFilesystem: true # -- Whether the Redis server pods should be forced to run on separate nodes. hardAntiAffinity: true @@ -1445,6 +1451,10 @@ redis-ha: # -- Enforcement policy, hard or soft # @default -- `""` (defaults to `ScheduleAnyway`) whenUnsatisfiable: "" + # -- Redis HA statefulset container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + readOnlyRootFilesystem: true # External Redis parameters externalRedis: From 2730dc24c7ad69b98d3206705a5ebf5cb34dd96b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 12 Oct 2023 23:14:41 +0900 Subject: [PATCH 279/373] feat(argo-workflows): Configure declarative server auth mode (#2291) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 5 +++-- .../templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 16 +++++++--------- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 85de8f7e5..3b1a60bd8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.3 +version: 0.34.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add HA docs and example + - kind: changed + description: Configure declarative server auth mode. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 732baecdd..d5485a589 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -256,6 +256,7 @@ Fields to note: | server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.authMode | string | `""` | Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | @@ -267,7 +268,7 @@ Fields to note: | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | | server.deploymentAnnotations | object | `{}` | optional map of annotations to be applied to the ui Deployment | | server.enabled | bool | `true` | Deploy the Argo Server | -| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | +| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | @@ -315,7 +316,7 @@ Fields to note: | server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | -| server.sso.enabled | bool | `false` | Create SSO configuration | +| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. | | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index b2e509677..cea885da7 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} + {{- if .Values.server.authMode }} + - "--auth-mode={{ .Values.server.authMode }}" + {{- end }} - "--secure={{ .Values.server.secure }}" {{- if .Values.singleNamespace }} - "--namespaced" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index d6d224646..1d1e60b85 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -522,14 +522,13 @@ server: # - name: FOO # value: "bar" - # -- Extra arguments to provide to the Argo server binary, such as for disabling authentication. + # -- Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + authMode: "" + + # -- Extra arguments to provide to the Argo server binary. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options extraArgs: [] - # If you want to disable authentication for purposes such as: - # - local dev-mode without authentication - # - gateway authentication through some other service such as KeyCloak - # uncomment the lines below and comment out the default empty list `extraArgs: []` above: - # extraArgs: - # - --auth-mode=server logging: # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) @@ -631,8 +630,7 @@ server: # SSO configuration when SSO is specified as a server auth mode. sso: - # -- Create SSO configuration - ## SSO is activated by adding --auth-mode=sso to the server command line. + # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. enabled: false # -- The root URL of the OIDC identity provider issuer: https://accounts.google.com From df9ee892b50b930e9ddd541b15298d7a59c80a4e Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 13 Oct 2023 16:59:02 -0500 Subject: [PATCH 280/373] chore(argo-workflows): Upgrade argo-workflows to 3.5.0 (#2228) Diff based on the rc1 branch currently here [3.4.10...3.5.0](https://github.com/argoproj/argo-workflows/compare/v3.4.10...v3.5.0) Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- .../crds/argoproj.io_workflowtaskresults.yaml | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3b1a60bd8..79c898f5a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.11 +appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.34.0 +version: 0.35.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Configure declarative server auth mode. + description: Upgrade to Argo Workflows v3.4.10 diff --git a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml index e9bb93f69..861f1df8f 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml @@ -441,6 +441,8 @@ spec: type: object securityToken: type: string + useSDKCreds: + type: boolean required: - key type: object @@ -470,6 +472,17 @@ spec: type: object bucket: type: string + caSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object createBucketIfNotPresent: properties: objectLocking: From 8c72bed7796333c6f50277b58987721f5f6d818b Mon Sep 17 00:00:00 2001 From: Koen van Zuijlen <8818390+kvanzuijlen@users.noreply.github.com> Date: Tue, 17 Oct 2023 17:40:33 +0200 Subject: [PATCH 281/373] feat(argo-workflows): Added commonLabels (#2300) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 3 +++ charts/argo-workflows/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 79c898f5a..babc96c56 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.35.0 +version: 0.36.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.10 + - kind: added + description: added support for commonLabels diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d5485a589..31582fc4d 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -108,6 +108,7 @@ Fields to note: |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| commonLabels | object | `{}` | Labels to set on all resources | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f81e6fc45..0713264fb 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -79,6 +79,9 @@ helm.sh/chart: {{ include "argo-workflows.chart" .context }} {{ include "argo-workflows.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argo-workflows +{{- with .context.Values.commonLabels }} +{{ toYaml .}} +{{- end }} {{- end }} {{/* diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1d1e60b85..8d98b37ea 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -26,6 +26,9 @@ nameOverride: # -- String to fully override "argo-workflows.fullname" template fullnameOverride: +# -- Labels to set on all resources +commonLabels: {} + # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" From 575ee244b23fa96b9dc3f118fb97f5a6c5f76863 Mon Sep 17 00:00:00 2001 From: Jonathan Raymond Date: Tue, 17 Oct 2023 17:53:16 -0600 Subject: [PATCH 282/373] fix(argo-workflows): add all crds to aggregate-roles template (#2301) fix: add all crds to aggregate-roles Signed-off-by: Jonathan Raymond --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-aggregate-roles.yaml | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index babc96c56..c90d54460 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.0 +version: 0.36.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: added support for commonLabels + - kind: fixed + description: added all crds to aggregate-roles diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index 977bb86be..ca2ae93e3 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -20,6 +20,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - get - list @@ -46,6 +52,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - create - delete @@ -79,6 +91,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - create - delete From 579b91fde33ef8e469817a3507853d8fb8058632 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 21 Oct 2023 07:48:41 -0500 Subject: [PATCH 283/373] chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#2304) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 9ac90a30d..bd97afe96 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 99f0698d0..9d3a170fb 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b1dc3b042..64dd515ae 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false From 14e2e32bedf186c088da0804c262298ca771bc2f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 24 Oct 2023 19:06:28 +0900 Subject: [PATCH 284/373] chore(argo-workflows): Add sample of PostgreSQL ssl entries in values.yaml (#2307) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c90d54460..4b42b7a5c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.1 +version: 0.36.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: added all crds to aggregate-roles + - kind: added + description: Add sample of PostgreSQL ssl entries in values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8d98b37ea..84cd8aef1 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -161,6 +161,10 @@ controller: # passwordSecret: # name: argo-postgres-config # key: password + # ssl: true + # # sslMode must be one of: disable, require, verify-ca, verify-full + # # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq + # sslMode: require # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. # Only valid for 2.7+ From a67424d0c43cf0231d77fb1e086fba0a686094f7 Mon Sep 17 00:00:00 2001 From: Ujin <592652+evgeniy-khatko@users.noreply.github.com> Date: Tue, 24 Oct 2023 08:34:49 -0400 Subject: [PATCH 285/373] feat(argo-workflows): Updated supported workers parameters (#2297) * feat(argo-workflows): Updated supported workers parameters Change ------ Based on argo-workflows [scaling documents](https://argoproj.github.io/argo-workflows/scaling/) it's possible to set following workers values: `--workflow-workers`, `--workflow-ttl-workers`, `--pod-cleanup-workers` and statring 3.5 `--cron-workflow-workers`. This change allows chart consumers to take advatage of _all_ these parameters. Testing ------- ``` helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep workers helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" - "--pod-cleanup-workers" - "30" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" - "--pod-cleanup-workers" - "30" - "--cron-workflow-workers" - "40" ``` Signed-off-by: Evgeny Khatko Signed-off-by: Evgeny Khatko * Addressing PR feedback. Signed-off-by: Evgeny Khatko * newline Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> * Update Chart.yaml Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> * Update Chart.yaml Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> --------- Signed-off-by: Evgeny Khatko Signed-off-by: Evgeny Khatko Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Evgeny Khatko Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 +++ .../controller/workflow-controller-deployment.yaml | 12 ++++++++++++ charts/argo-workflows/values.yaml | 7 +++++++ 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4b42b7a5c..44d16babd 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.2 +version: 0.37.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add sample of PostgreSQL ssl entries in values.yaml + - kind: changed + description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 31582fc4d..038111696 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,6 +142,7 @@ Fields to note: | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -182,6 +183,7 @@ Fields to note: | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | | controller.persistence | object | `{}` | enable persistence using postgres | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podCleanupWorkers | string | `nil` | Number of pod cleanup workers | | controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | | controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | @@ -221,6 +223,7 @@ Fields to note: | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | +| controller.workflowTTLWorkers | string | `nil` | Number of workflow TTL workers | | controller.workflowWorkers | string | `nil` | Number of workflow workers | ### Workflow Main Container diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index c391bee80..132d7f8ce 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -60,6 +60,18 @@ spec: - "--workflow-workers" - {{ . | quote }} {{- end }} + {{- with .Values.controller.workflowTTLWorkers }} + - "--workflow-ttl-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.podCleanupWorkers }} + - "--pod-cleanup-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.cronWorkflowWorkers }} + - "--cron-workflow-workers" + - {{ . | quote }} + {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 84cd8aef1..cae5f749e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -180,6 +180,13 @@ controller: # -- Number of workflow workers workflowWorkers: # 32 + # -- Number of workflow TTL workers + workflowTTLWorkers: # 4 + # -- Number of pod cleanup workers + podCleanupWorkers: # 4 + # -- Number of cron workflow workers + # Only valid for 3.5+ + cronWorkflowWorkers: # 8 # -- Restricts the Workflows that the controller will process. # Only valid for 2.9+ workflowRestrictions: {} From 804af65b38dd1c4a27a3df5fb478d18c126a6e24 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 24 Oct 2023 07:39:37 -0500 Subject: [PATCH 286/373] fix(argo-rollouts): controller replicas count comparison (#2309) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/templates/controller/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 457f76a09..ddc6582b7 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.0 +version: 2.32.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v1.6.0 + - kind: fixed + description: Use integer instead of float for controller replicas diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 966491c85..23dc14cbc 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -48,7 +48,7 @@ spec: {{- if not .Values.clusterInstall }} - --namespaced {{- end }} - {{- if gt .Values.controller.replicas 1.0 }} + {{- if gt (int .Values.controller.replicas) 1 }} - --leader-elect {{- end }} {{- with .Values.controller.extraArgs }} From a41b70b59cf2ff7e9495969e041d853c8e06ba0d Mon Sep 17 00:00:00 2001 From: gussan <83329336+toyamagu-2021@users.noreply.github.com> Date: Fri, 27 Oct 2023 18:43:52 +0900 Subject: [PATCH 287/373] feat(argo-cd): add terminationGracePeriodSeconds (#2310) Signed-off-by: toyamagu-2021 --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 7 +++++++ .../statefulset.yaml | 3 +++ .../argocd-applicationset/deployment.yaml | 3 +++ .../argocd-notifications/deployment.yaml | 3 +++ .../argocd-repo-server/deployment.yaml | 3 +++ .../templates/argocd-server/deployment.yaml | 3 +++ charts/argo-cd/templates/dex/deployment.yaml | 3 +++ .../argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 10 files changed, 52 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5f4379441..7302ce5e1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.8 +version: 5.47.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. + - kind: added + description: add terminationGracePeriodSeconds diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b2101038f..d870dbdc6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -561,6 +561,7 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | +| controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -653,6 +654,7 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | +| repoServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | @@ -807,6 +809,7 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | +| server.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | @@ -915,6 +918,7 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | +| dex.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | @@ -986,6 +990,7 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | +| redis.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | @@ -1136,6 +1141,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | +| applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | @@ -1214,6 +1220,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | +| notifications.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3583a2b72..31bce2993 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - args: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index d8fb8cbc4..ed161d538 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.applicationSet.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d2eca77f4..633e19432 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -51,6 +51,9 @@ spec: {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.notifications.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index ea54e79d3..515984d7a 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -62,6 +62,9 @@ spec: {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.repoServer.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index e3f322cb2..983121a98 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -53,6 +53,9 @@ spec: {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.server.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index abca6e142..9f782c8d6 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -55,6 +55,9 @@ spec: {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.dex.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 419e5f316..3f272d027 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -48,6 +48,9 @@ spec: {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.redis.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b029dfaab..0352ef2e8 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -731,6 +731,9 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the application controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -1074,6 +1077,9 @@ dex: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create dex service account create: true @@ -1313,6 +1319,9 @@ redis: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create a service account for the redis pod create: false @@ -1718,6 +1727,9 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the Argo CD server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2261,6 +2273,9 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2618,6 +2633,9 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2931,6 +2949,9 @@ notifications: drop: - ALL + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} From 9193d8592949969e7d05e24e066b77ada6a50b9e Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 28 Oct 2023 16:28:44 +0900 Subject: [PATCH 288/373] chore(argo-cd): Upgrade Argo CD to v2.8.5 (#2313) --- charts/argo-cd/Chart.yaml | 8 ++++---- .../templates/argocd-notifications/deployment.yaml | 8 +++++++- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7302ce5e1..06de55fb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.4 +appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.47.0 +version: 5.48.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add terminationGracePeriodSeconds + - kind: changed + description: Upgrade Argo CD to v2.8.5 diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 633e19432..edee786a4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -78,13 +78,19 @@ spec: configMapKeyRef: key: notificationscontroller.log.level name: argocd-cmd-params-cm - optional: true + optional: true - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT valueFrom: configMapKeyRef: key: notificationscontroller.log.format name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + key: application.namespaces + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} From 25d7b519bc7fc37d2820721cd648f3a3403d0e38 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Oct 2023 14:21:37 +0200 Subject: [PATCH 289/373] chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#2314) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 64dd515ae..3273e72d6 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif From 0cc17965301b838977c8b1cca2cbf86969c889a0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 30 Oct 2023 09:51:56 +0100 Subject: [PATCH 290/373] fix(argo-cd): Update Bitbucket SSH key (#2317) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06de55fb3..ac473f030 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.48.0 +version: 5.48.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.8.5 + description: Update Bitbucket.org SSH key diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 0352ef2e8..802e512ca 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -326,7 +326,7 @@ configs: [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= From 94c0a0a246771e0d1996de4759d3dba036407b27 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Mon, 30 Oct 2023 16:42:32 +0200 Subject: [PATCH 291/373] feat(argo-cd): add notification cluster role (#2315) * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 --- charts/argo-cd/Chart.yaml | 6 ++--- charts/argo-cd/README.md | 1 + .../argocd-notifications/clusterrole.yaml | 22 +++++++++++++++++++ .../clusterrolebinding.yaml | 16 ++++++++++++++ charts/argo-cd/values.yaml | 6 +++++ 5 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-notifications/clusterrole.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac473f030..eaa7c2c66 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.48.1 +version: 5.49.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update Bitbucket.org SSH key + - kind: added + description: Add notification cluster role support diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d870dbdc6..e0e250256 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1160,6 +1160,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml new file mode 100644 index 000000000..1d2e0fd7f --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -0,0 +1,22 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +rules: + {{- with .Values.notifications.clusterRoleRules.rules }} + {{- toYaml . | nindent 2 }} + {{- end }} + - apiGroups: + - "argoproj.io" + resources: + - "applications" + verbs: + - get + - list + - watch + - update + - patch +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml new file mode 100644 index 000000000..1b47bf123 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-cd.notifications.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 802e512ca..4ec932224 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2997,6 +2997,12 @@ notifications: # -- Whether helm chart creates notifications controller config map create: true + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + # -- List of custom rules for the notifications controller's ClusterRole resource + rules: [] + # -- Contains centrally managed global application subscriptions ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ subscriptions: [] From 4f5c75fbc7513d0359e11208e24df51474493686 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 30 Oct 2023 12:42:39 -0500 Subject: [PATCH 292/373] fix(argo-rollouts): Update AnalysisRun CRD to match upstream (#2320) --- charts/argo-rollouts/Chart.yaml | 4 +- .../templates/crds/analysis-run-crd.yaml | 51 ++++++++++++++++++- 2 files changed, 51 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ddc6582b7..6d343fdce 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.1 +version: 2.32.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Use integer instead of float for controller replicas + description: Update AnalysisRun CRD to match upstream diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 7324e908c..1dddfa7dc 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -189,13 +189,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2809,6 +2818,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2857,6 +2879,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: From 2eb537dde00f9bc6d250ea349ad85a709565cce0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 31 Oct 2023 12:21:05 -0500 Subject: [PATCH 293/373] fix(github): update chart testing action due to failure (#2324) Getting failure when running chart testing action pulling v2.0.0 from sigstore Updating action to see if this helps Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 4 ++-- scripts/lint.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd97afe96..b6da136fd 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,10 +38,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 + uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 with: # Note: Also update in scripts/lint.sh - version: v3.7.1 + version: v3.10.0 - name: List changed charts id: list-changed diff --git a/scripts/lint.sh b/scripts/lint.sh index b44a6cee4..6061adb5f 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.7.1 \ + quay.io/helmpack/chart-testing:v3.10.0 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 733d84a42398cc1a1a6dea8bf75b2a7a2bf3101f Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Tue, 31 Oct 2023 17:48:55 +0000 Subject: [PATCH 294/373] chore(argo-cd): Upgrade Argo CD to v2.8.6 (#2323) * chore(argo-cd): Upgrade Argo CD to v2.8.6 Signed-off-by: Tim Collins * fix: drop unrecognized helm timeout Signed-off-by: jmeridth --------- Signed-off-by: Tim Collins Signed-off-by: Jason Meridth Signed-off-by: jmeridth Co-authored-by: Jason Meridth --- .github/configs/ct-lint.yaml | 1 - charts/argo-cd/Chart.yaml | 8 ++++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 1e66067aa..99cb8b3ce 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -7,7 +7,6 @@ chart-dirs: - charts chart-repos: - dandydeveloper=https://dandydeveloper.github.io/charts/ -helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true validate-yaml: true diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eaa7c2c66..8114ee707 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.5 +appVersion: v2.8.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.49.0 +version: 5.50.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add notification cluster role support + - kind: changed + description: Upgrade Argo CD to v2.8.6 From 4afebb25f60aeeadb7c4365ab2fc1824185d0aa8 Mon Sep 17 00:00:00 2001 From: Denis Kadyshev Date: Thu, 2 Nov 2023 16:43:50 +0700 Subject: [PATCH 295/373] fix(argo-cd): Create notifications clusterrole and clusterrolebinding when enabled (#2326) * Create clusterrole for nitifications only when notifications enabled Signed-off-by: Denis Kadyshev * Create clusterrolebinding for nitifications only when notifications enbaled Signed-off-by: Denis Kadyshev * Bump version in Chart.yaml Signed-off-by: Denis Kadyshev * Update Chart.yaml Signed-off-by: Denis Kadyshev * Update Chart.yaml Signed-off-by: Denis Kadyshev --------- Signed-off-by: Denis Kadyshev --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-notifications/clusterrole.yaml | 2 +- .../templates/argocd-notifications/clusterrolebinding.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8114ee707..d986c987a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.0 +version: 5.50.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.6 + - kind: fixed + description: Create notifications clusterrole and clusterrolebinding when enabled diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml index 1d2e0fd7f..927d30a05 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.notifications.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml index 1b47bf123..3dba71a2f 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.notifications.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: From d170cdb2df6c9a78fff7f7ec3240be7cf046afea Mon Sep 17 00:00:00 2001 From: Max! Date: Fri, 3 Nov 2023 21:39:05 +0100 Subject: [PATCH 296/373] fix(argo-workflows): Fix outdated URL in values.yaml comments (#2328) * fix outdated link branch link Branch was renamed prior, redirects to main now Signed-off-by: Max! * Update Chart.yaml Signed-off-by: Max! * add to changelog Signed-off-by: Max! --------- Signed-off-by: Max! --- charts/argo-workflows/Chart.yaml | 4 +++- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 44d16babd..53d392c21 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.37.0 +version: 0.37.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -18,3 +18,5 @@ annotations: artifacthub.io/changes: | - kind: changed description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ + - kind: changed + description: Updated a url in values.yaml comments. diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cae5f749e..8d3c830de 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -124,7 +124,7 @@ controller: # -- Service metrics port name servicePortName: metrics # -- ServiceMonitor relabel configs to apply to samples before scraping - ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig relabelings: [] # -- ServiceMonitor metric relabel configs to apply to samples before ingestion ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint From a98dd96059a3c49c587ec56deba028642ac7f9ca Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 4 Nov 2023 14:57:43 +0900 Subject: [PATCH 297/373] chore(argo-workflows): Upgrade Argo Workflows to v3.5.1 (#2329) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 53d392c21..aa941d422 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.0 +appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.37.1 +version: 0.38.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,6 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ - - kind: changed - description: Updated a url in values.yaml comments. + description: Upgrade Argo Workflows to v3.5.1 From 16f4c26e9cca37f3354056ae6d581bc74adf8c0c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Nov 2023 06:42:32 -0500 Subject: [PATCH 298/373] chore(deps): bump amannn/action-semantic-pull-request from 5.3.0 to 5.4.0 (#2330) chore(deps): bump amannn/action-semantic-pull-request Bumps [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](https://github.com/amannn/action-semantic-pull-request/compare/47b15d52c5c30e94a17ec87eb8dd51ff5221fed9...e9fabac35e210fea40ca5b14c0da95a099eff26f) --- updated-dependencies: - dependency-name: amannn/action-semantic-pull-request dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index be77f1aef..256b1c382 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 + - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 9f8f48386923bd7d7086798be709b3267f99f247 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Nov 2023 06:43:58 -0500 Subject: [PATCH 299/373] chore(deps): bump helm/chart-releaser-action from 1.5.0 to 1.6.0 (#2331) Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/helm/chart-releaser-action/releases) - [Commits](https://github.com/helm/chart-releaser-action/compare/be16258da8010256c6e82849661221415f031968...a917fd15b20e8b64b94d9158ad54cd6345335584) --- updated-dependencies: - dependency-name: helm/chart-releaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9d3a170fb..7c0e768be 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -58,7 +58,7 @@ jobs: PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" - name: Run chart-releaser - uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 + uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 with: config: "./.github/configs/cr.yaml" env: From 8b17cdf924a047fb8b7c6aa819f87dbae7477492 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 4 Nov 2023 06:46:02 -0500 Subject: [PATCH 300/373] chore(deps): bump helm/chart-testing-action from 2.6.0 to 2.6.1 (#2332) Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.6.0 to 2.6.1. - [Release notes](https://github.com/helm/chart-testing-action/releases) - [Commits](https://github.com/helm/chart-testing-action/compare/b43128a8b25298e1e7b043b78ea6613844e079b1...e6669bcd63d7cb57cb4380c33043eebe5d111992) --- updated-dependencies: - dependency-name: helm/chart-testing-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index b6da136fd..c2102b61d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,7 +38,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 with: # Note: Also update in scripts/lint.sh version: v3.10.0 From f634cf6e9c35458756a7a3b74e83a8c7c14398a8 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 6 Nov 2023 13:54:34 +0100 Subject: [PATCH 301/373] feat(argo-cd): Upgrade Argo CD to 2.9.0 (#2318) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +- .../argocd-applicationset/deployment.yaml | 12 + .../argocd-repo-server/deployment.yaml | 12 + .../templates/argocd-server/clusterrole.yaml | 1 + .../templates/crds/crd-application.yaml | 389 ++++- .../templates/crds/crd-applicationset.yaml | 1495 ++++++++++++++++- 6 files changed, 1895 insertions(+), 22 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d986c987a..fa544effc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.6 +appVersion: v2.9.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.1 +version: 5.51.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Create notifications clusterrole and clusterrolebinding when enabled + - kind: changed + description: Upgrade Argo CD to v2.9.0 diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ed161d538..b704650ae 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -90,6 +90,18 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.annotations + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.labels + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 515984d7a..90941428e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -231,6 +231,18 @@ spec: key: reposerver.streamed.manifest.max.extracted.size name: argocd-cmd-params-cm optional: true + - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.helm.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.helm.manifest.max.extracted.size + optional: true - name: ARGOCD_GIT_MODULES_ENABLED valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 838016fa0..44d50515c 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -40,6 +40,7 @@ rules: - argoproj.io resources: - applications + - applicationsets verbs: - get - list diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index b4d13a15e..034015741 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -359,6 +359,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -657,6 +688,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -797,7 +859,8 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name + cluster by its symbolic name. This must be set if Server is + not set. type: string namespace: description: Namespace specifies the target namespace for the @@ -805,8 +868,9 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster and - must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is not + set. type: string type: object ignoreDifferences: @@ -1067,6 +1131,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -1355,6 +1450,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -1796,6 +1922,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2097,6 +2254,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2542,6 +2730,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2860,6 +3079,38 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize + patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3292,6 +3543,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3603,6 +3885,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3804,7 +4117,8 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name + target cluster by its symbolic name. This must be set + if Server is not set. type: string namespace: description: Namespace specifies the target namespace @@ -3813,8 +4127,9 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster - and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name + is not set. type: string type: object ignoreDifferences: @@ -4056,6 +4371,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -4367,6 +4713,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index fa0d926a7..8d7409e57 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -269,6 +269,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -449,6 +479,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -788,6 +848,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -968,6 +1058,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1311,6 +1431,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1491,6 +1641,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1814,6 +1994,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1994,6 +2204,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2341,6 +2581,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2521,6 +2791,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2860,6 +3160,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3040,6 +3370,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3377,12 +3737,42 @@ spec: items: type: string type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3563,6 +3953,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3886,6 +4306,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4066,6 +4516,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4399,6 +4879,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4579,6 +5089,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5092,6 +5632,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5272,6 +5842,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5564,6 +6164,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -5578,6 +6180,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -5776,6 +6380,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5956,6 +6590,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6293,6 +6957,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6473,6 +7167,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6814,12 +7538,42 @@ spec: items: type: string type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7000,6 +7754,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7339,6 +8123,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7519,6 +8333,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7862,6 +8706,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8042,6 +8916,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8365,6 +9269,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8545,6 +9479,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8878,6 +9842,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9058,6 +10052,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9571,6 +10595,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9751,6 +10805,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10043,6 +11127,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -10057,6 +11143,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -10255,6 +11343,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10435,6 +11553,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10776,6 +11924,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10956,6 +12134,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11286,6 +12494,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11466,6 +12704,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11979,6 +13247,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12159,6 +13457,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12451,6 +13779,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -12465,6 +13795,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -12663,6 +13995,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12843,6 +14205,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12994,12 +14386,31 @@ spec: items: type: string type: array + ignoreApplicationDifferences: + items: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + name: + type: string + type: object + type: array preservedFields: properties: annotations: items: type: string type: array + labels: + items: + type: string + type: array type: object strategy: properties: @@ -13236,6 +14647,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -13416,6 +14857,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: From 622aee3850af8a0a3b4c7298fcc23e42f49cd799 Mon Sep 17 00:00:00 2001 From: Eddie Knight Date: Mon, 6 Nov 2023 09:10:35 -0600 Subject: [PATCH 302/373] chore(github): Updated security documentation and CLOMonitor exemptions (#2333) * Updated security documentation and CLOMonitor exemptions Signed-off-by: Eddie Knight * Added license scanning exepmtion Signed-off-by: Eddie Knight * Added best practices badge to README Signed-off-by: Eddie Knight --------- Signed-off-by: Eddie Knight Co-authored-by: Jason Meridth --- .clomonitor.yml | 6 ++++++ CONTRIBUTING.md | 2 ++ README.md | 1 + SECURITY-INSIGHTS.yml | 23 +++++++++++++++++++++++ 4 files changed, 32 insertions(+) create mode 100644 SECURITY-INSIGHTS.yml diff --git a/.clomonitor.yml b/.clomonitor.yml index 9f1fff8c4..c75e8a7b4 100644 --- a/.clomonitor.yml +++ b/.clomonitor.yml @@ -7,6 +7,12 @@ exemptions: reason: "Helm deps are not currently scanned. Maintainers are watching developments to dependabot-core #2237" # Justification of this exemption (mandatory, it will be displayed on the UI) - check: sbom reason: "Tracking Helm dependencies is not yet a stable practice." + - check: self_assessment + reason: "Refer to self assessments supplied by the codebases Argo Helm supports." + - check: signed_releases + reason: "Argo Helm releases are made via Artifact Hub, where they are signed. The unsigned GitHub releases are for reference only." + - check: license_scanning + reason: "Temporary exemption: pending response from CNCF Service Desk" # TODO: # License scanning information diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d67ddefc5..f9861dcba 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -47,6 +47,8 @@ Any breaking changes to a chart (backwards incompatible) require: ### New Application Versions +Helm charts are intended to be created for all non-patched releases of Argo CD, Workflows, Rollouts, and Events. Associated dependencies, such as Redis, will use the version recommended by the associated release. + When selecting new application versions ensure you make the following changes: * `values.yaml`: Bump all instances of the container image version diff --git a/README.md b/README.md index b29bb3d13..0c5c67989 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7942/badge)](https://www.bestpractices.dev/projects/7942) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml new file mode 100644 index 000000000..a983c4f1d --- /dev/null +++ b/SECURITY-INSIGHTS.yml @@ -0,0 +1,23 @@ +header: + schema-version: '1.0.0' + expiration-date: '2024-11-04T10:00:00.000Z' + project-url: https://github.com/argoproj/argo-helm +project-lifecycle: + status: active + bug-fixes-only: false + core-maintainers: + - https://github.com/mkilchhofer + - https://github.com/jmeridth +contribution-policy: + accepts-pull-requests: true + accepts-automated-pull-requests: true +distribution-points: + - https://github.com/argoproj/argo-helm/blob/main/SECURITY.md +vulnerability-reporting: + accepts-vulnerability-reports: true + email-contact: cncf-argo-maintainers@lists.cncf.io + security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md + comment: Please refer to the security policy for reporting information prior to using the email contact. +dependencies: + env-dependencies-policy: + policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions From 9840ebedc640e8f30e0f9223ff10dd9284af543e Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 9 Nov 2023 01:04:58 +0900 Subject: [PATCH 303/373] fix(argo-workflows): Accept multi auth mode for server (#2336) * fix(argo-workflows): Accept multi auth mode for server Signed-off-by: yu-croco * chore(argo-workflows): improve description of authMode Signed-off-by: yu-croco * chore(argo-workflows): keep the older value valid for now as compatibility. Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 ++- charts/argo-workflows/templates/NOTES.txt | 4 ++++ .../argo-workflows/templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 7 +++++-- 5 files changed, 17 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index aa941d422..79929c7de 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.38.0 +version: 0.39.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.5.1 + - kind: fixed + description: Accept multi auth mode for server. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 038111696..e34988674 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -260,7 +260,8 @@ Fields to note: | server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | -| server.authMode | string | `""` | Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. | +| server.authMode | string | `""` | Deprecated; use server.authModes instead. | +| server.authModes | list | `[]` | A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | diff --git a/charts/argo-workflows/templates/NOTES.txt b/charts/argo-workflows/templates/NOTES.txt index b4933a7dd..43c1c8f84 100644 --- a/charts/argo-workflows/templates/NOTES.txt +++ b/charts/argo-workflows/templates/NOTES.txt @@ -1,3 +1,7 @@ +{{- if .Values.server.authMode }} +DEPRECATED option server.authMode - Use server.authModes +{{- end }} + 1. Get Argo Server external IP/domain by running: kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index cea885da7..38c6072bb 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -55,6 +55,9 @@ spec: {{- if .Values.server.authMode }} - "--auth-mode={{ .Values.server.authMode }}" {{- end }} + {{- range .Values.server.authModes }} + - "--auth-mode={{ . }}" + {{- end }} - "--secure={{ .Values.server.secure }}" {{- if .Values.singleNamespace }} - "--namespaced" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8d3c830de..10a0e5a44 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -536,10 +536,13 @@ server: # - name: FOO # value: "bar" - # -- Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. - ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + # -- Deprecated; use server.authModes instead. authMode: "" + # -- A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + authModes: [] + # -- Extra arguments to provide to the Argo server binary. ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options extraArgs: [] From d3d9e7de238e0dab0b45d01535658173c51af3f7 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Wed, 8 Nov 2023 14:09:44 -0600 Subject: [PATCH 304/373] chore(github): Add yu-cruco to * in CODEOWNERS (#2338) chore: Add yu-cruco to * in CODEOWNERS yu-cruco is now a maintainer and will be notified on all PRs - [x] moved CODEOWNERS into .github folder where it belongs Signed-off-by: jmeridth --- CODEOWNERS => .github/CODEOWNERS | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) rename CODEOWNERS => .github/CODEOWNERS (68%) diff --git a/CODEOWNERS b/.github/CODEOWNERS similarity index 68% rename from CODEOWNERS rename to .github/CODEOWNERS index f7432a773..05c993b96 100644 --- a/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,14 +1,6 @@ -# All -* @mkilchhofer @jmeridth +* @mkilchhofer @jmeridth @yu-croco -# Argo Workflows /charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 - -# Argo CD /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 - -# Argo Events /charts/argo-events/ @pdrastil @jmeridth @tico24 - -# Argo Rollouts /charts/argo-rollouts/ @jmeridth From 3f2654d24aacc35af23a664392438c0e5954c60d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 10 Nov 2023 21:41:09 +0900 Subject: [PATCH 305/373] fix(argo-cd): Add permission for Applications in any namespace (#2341) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/README.md.gotmpl | 1 + charts/argo-cd/templates/argocd-server/clusterrole.yaml | 3 +++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fa544effc..ac684be91 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.0 +version: 5.51.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.9.0 + - kind: fixed + description: Add configurations for Applications in any namespace diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e0e250256..7b79080ec 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -449,6 +449,7 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | @@ -1253,3 +1254,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions +[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 5dc048b44..b8ffa4fb5 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -562,3 +562,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions +[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 44d50515c..bd10316b4 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -21,6 +21,9 @@ rules: - events verbs: - list + {{- if (index .Values.configs.params "application.namespaces") }} + - create + {{- end }} - apiGroups: - "" resources: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4ec932224..49dd4e70b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -263,6 +263,12 @@ configs: # -- Enables use of the Progressive Syncs capability applicationsetcontroller.enable.progressive.syncs: false + # -- Enables [Applications in any namespace] + ## List of additional namespaces where applications may be created in and reconciled from. + ## The namespace where Argo CD is installed to will always be allowed. + ## Set comma-separated list. (e.g. app-team-one, app-team-two) + application.namespaces: "" + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: From 84c433962338329141010a9f5b8de1d8c919fff4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Nov 2023 14:59:16 +0900 Subject: [PATCH 306/373] chore(argo-cd): Upgrade Argo CD to v2.9.1 (#2344) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac684be91..9a7211241 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.0 +appVersion: v2.9.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.1 +version: 5.51.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add configurations for Applications in any namespace + - kind: changed + description: Upgrade Argo CD to v2.9.1 From a29d2165ac9ecc0f168b61cd54b945016a182d5a Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Wed, 15 Nov 2023 12:00:23 +0200 Subject: [PATCH 307/373] chore(argo-rollouts): Bump rollouts to 1.6.1 (#2345) * Bump rollouts to 1.6.2 Signed-off-by: drfaust92 * Bump to 1.6.1 Signed-off-by: drfaust92 * Bump to 1.6.1 Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6d343fdce..6b49176d2 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.0 +appVersion: v1.6.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.2 +version: 2.32.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Update AnalysisRun CRD to match upstream + - kind: changed + description: Upgrade Argo Rollouts to v1.6.1 From d98747224e9200760e7a1684f14c197d5b3c0cec Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Wed, 15 Nov 2023 15:09:30 +0200 Subject: [PATCH 308/373] chore(argo-rollouts): Bump rollouts to 1.6.2 (#2347) --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6b49176d2..6999850f0 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.1 +appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.3 +version: 2.32.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Rollouts to v1.6.1 + description: Upgrade Argo Rollouts to v1.6.2 From 737b9724de6e829207ab48caa4b4b0a672840e78 Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Wed, 15 Nov 2023 13:17:09 +0000 Subject: [PATCH 309/373] fix(argo-workflows): Add parameters for tuning revisionHistoryLimit and emptyDir volumes (#2346) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 +++ .../controller/workflow-controller-deployment.yaml | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 3 ++- charts/argo-workflows/values.yaml | 7 +++++++ 5 files changed, 16 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 79929c7de..327adb893 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.0 +version: 0.39.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Accept multi auth mode for server. + - kind: added + description: Add parameters for tuning revisionHistoryLimit and emptyDir volumes. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index e34988674..a5f703413 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -197,6 +197,7 @@ Fields to note: | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | | controller.retentionPolicy | object | `{}` | Workflow retention by number of workflows | +| controller.revisionHistoryLimit | int | `10` | The number of revisions to keep. | | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.create | bool | `true` | Create a service account for the controller | @@ -304,6 +305,7 @@ Fields to note: | server.rbac.create | bool | `true` | Adds Role and RoleBinding for the server. | | server.replicas | int | `1` | The number of server pods to run | | server.resources | object | `{}` | Resource limits and requests for the server | +| server.revisionHistoryLimit | int | `10` | The number of revisions to keep. | | server.secure | bool | `false` | Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. | | server.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true}` | Servers container-level security context | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -331,6 +333,7 @@ Fields to note: | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | +| server.tmpVolume | object | `{"emptyDir":{}}` | Volume to be mounted in Pods for temporary files. | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 132d7f8ce..3db5f971f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -12,6 +12,7 @@ metadata: {{- end }} spec: replicas: {{ .Values.controller.replicas }} + revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 38c6072bb..182d31695 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -15,6 +15,7 @@ spec: {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} {{- end }} + revisionHistoryLimit: {{ .Values.server.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} @@ -112,7 +113,7 @@ spec: {{- end }} volumes: - name: tmp - emptyDir: {} + {{- toYaml .Values.server.tmpVolume | nindent 8 }} {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 10a0e5a44..7a5f04e09 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -295,6 +295,8 @@ controller: volumes: [] # -- The number of controller pods to run replicas: 1 + # -- The number of revisions to keep. + revisionHistoryLimit: 10 pdb: # -- Configure [Pod Disruption Budget] for the controller pods @@ -472,6 +474,8 @@ server: resources: {} # -- The number of server pods to run replicas: 1 + # -- The number of revisions to keep. + revisionHistoryLimit: 10 ## Argo Server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server @@ -555,6 +559,9 @@ server: # -- Set the logging format (one of: `text`, `json`) format: "text" + # -- Volume to be mounted in Pods for temporary files. + tmpVolume: + emptyDir: {} # -- Additional volume mounts to the server main container. volumeMounts: [] # -- Additional volumes to the server pod. From 9496f2f1e6f5b2bf7d4149b09a787ee404868924 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Nov 2023 22:32:49 +0900 Subject: [PATCH 310/373] fix(argo-workflows): Align version label (#2342) * fix(argo-workflows): Aligne version label Signed-off-by: yu-croco * fix(argo-workflows): fix typo Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/controller/workflow-controller-service.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 327adb893..f5275105b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.1 +version: 0.39.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add parameters for tuning revisionHistoryLimit and emptyDir volumes. + - kind: fixed + description: Align version label diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 5ade3d401..1959eb2e0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -6,7 +6,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} {{- with .Values.controller.serviceLabels }} {{ toYaml . | nindent 4 }} {{- end }} From 4c256348e85d0d2419504b0ab4eed3852b8e42ae Mon Sep 17 00:00:00 2001 From: Kripu Khadka <84505567+Kripu77@users.noreply.github.com> Date: Wed, 15 Nov 2023 19:23:26 +0545 Subject: [PATCH 311/373] docs(github): typo fix in security.md (#2343) * typo fix Signed-off-by: Kripu Khadka * Revert "typo fix" This reverts commit b02b2fb766508226eda658eb870a9216a76fed3e. Signed-off-by: Kripu Khadka * typo fix in SECURITY.md Signed-off-by: Kripu Khadka <84505567+Kripu77@users.noreply.github.com> Signed-off-by: Kripu Khadka --------- Signed-off-by: Kripu Khadka Signed-off-by: Kripu Khadka <84505567+Kripu77@users.noreply.github.com> Co-authored-by: Aikawa --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 7c30259c2..f4fb60022 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,7 @@ ## Supported Versions and Upstream Reporting -Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue. +Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy document to find out how to report the security issue. * [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) * [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) From a78556018dc70fa78fb6c4b65fc66489a8e555a7 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Thu, 16 Nov 2023 12:31:53 +0000 Subject: [PATCH 312/373] chore(argo-workflows): Remove xip url from test to avoid confusion (#2350) * chore(argo-workflows): Remove xip url from test to avoid confusion Signed-off-by: Tim Collins * Bump version Signed-off-by: Tim Collins * More bumpings Signed-off-by: Tim Collins * Tim can't type Signed-off-by: Tim Collins * Swap to example.com - rfc2606 Signed-off-by: Tim Collins --------- Signed-off-by: Tim Collins --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/ci/enable-ingress-values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f5275105b..0e3a49a53 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.2 +version: 0.39.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Align version label + - kind: changed + description: Modify test host url to avoid user confusion diff --git a/charts/argo-workflows/ci/enable-ingress-values.yaml b/charts/argo-workflows/ci/enable-ingress-values.yaml index 05dae8861..bfcc37c3f 100644 --- a/charts/argo-workflows/ci/enable-ingress-values.yaml +++ b/charts/argo-workflows/ci/enable-ingress-values.yaml @@ -5,4 +5,4 @@ server: ingress: enabled: true hosts: - - argo-workflows.127.0.0.1.xip.io + - argo-workflows.example.com From 14887dd57d15255b567108bd1d890ed0cf025aeb Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Sun, 19 Nov 2023 23:18:57 +0100 Subject: [PATCH 313/373] chore(argo-cd): Replace non-existing examples with official example domain (#2352) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9a7211241..038ae63cf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.2 +version: 5.51.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.9.1 + description: Replace non-existing examples with official example domain (RFC 2606) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 49dd4e70b..c4480e6ce 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -410,7 +410,7 @@ configs: ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters clusterCredentials: [] # - name: mycluster - # server: https://mycluster.com + # server: https://mycluster.example.com # labels: {} # annotations: {} # config: @@ -419,7 +419,7 @@ configs: # insecure: false # caData: "" # - name: mycluster2 - # server: https://mycluster2.com + # server: https://mycluster2.example.com # labels: {} # annotations: {} # namespaces: namespace1,namespace2 @@ -430,7 +430,7 @@ configs: # insecure: false # caData: "" # - name: mycluster3-project-scoped - # server: https://mycluster3.com + # server: https://mycluster3.example.com # labels: {} # annotations: {} # project: my-project1 From c18365288937157459c2fda20d5a0cdeb6478abb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 21 Nov 2023 03:49:41 +0900 Subject: [PATCH 314/373] chore(argo-cd): Upgrade Argo CD to v2.9.2 (#2353) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 038ae63cf..f0100f7f8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.1 +appVersion: v2.9.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.3 +version: 5.51.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Replace non-existing examples with official example domain (RFC 2606) + description: Upgrade Argo CD to v2.9.2 From 7f95a5f9f0cf777ad564c5d90c973e17bde1b7bc Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Mon, 27 Nov 2023 07:30:08 +0100 Subject: [PATCH 315/373] chore(github): Update SECURITY-INSIGHTS.yml to include security-contacts (#2356) --- SECURITY-INSIGHTS.yml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml index a983c4f1d..e3a6aeed1 100644 --- a/SECURITY-INSIGHTS.yml +++ b/SECURITY-INSIGHTS.yml @@ -11,13 +11,28 @@ project-lifecycle: contribution-policy: accepts-pull-requests: true accepts-automated-pull-requests: true + automated-tools-list: + - automated-tool: dependabot + action: allowed + path: + - / + contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md + code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md distribution-points: - - https://github.com/argoproj/argo-helm/blob/main/SECURITY.md + - https://argoproj.github.io/argo-helm + - https://artifacthub.io/packages/search?org=argoproj&repo=argo +security-contacts: + - type: website + value: https://github.com/argoproj/argo-helm/security/advisories/new + primary: true vulnerability-reporting: accepts-vulnerability-reports: true email-contact: cncf-argo-maintainers@lists.cncf.io security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md - comment: Please refer to the security policy for reporting information prior to using the email contact. + comment: | + Our preferred contact method related to vulnerabilities is the Security tab on GitHub. + Click the button "Report a vulnerability" to open the advisory form. + Please refer to the security policy for reporting information prior to using the email contact. dependencies: env-dependencies-policy: policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions From 7261decaf8c15cc644ff8b0d8e5b3b9633a6a17d Mon Sep 17 00:00:00 2001 From: qa-florian-wende <113123884+qa-florian-wende@users.noreply.github.com> Date: Mon, 27 Nov 2023 18:44:58 +0100 Subject: [PATCH 316/373] feat(argo-workflows): Make workflow controller ConfigMap optional (#2354) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ charts/argo-workflows/templates/_helpers.tpl | 7 +++++++ .../controller/workflow-controller-config-map.yaml | 4 +++- .../controller/workflow-controller-deployment.yaml | 2 +- .../argo-workflows/templates/server/server-deployment.yaml | 2 +- charts/argo-workflows/values.yaml | 6 ++++++ 7 files changed, 23 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0e3a49a53..3e93c1f65 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.1 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.3 +version: 0.39.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Modify test host url to avoid user confusion + - kind: added + description: Make configMap optional and allow its name to be overridden diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index a5f703413..64bd81918 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,6 +142,8 @@ Fields to note: | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.configMap.create | bool | `true` | Create a ConfigMap for the controller | +| controller.configMap.name | string | `""` | ConfigMap name | | controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 0713264fb..0d170ec98 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -97,6 +97,13 @@ app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} +{{/* +Create the name of the controller configMap +*/}} +{{- define "argo-workflows.controller.config-map.name" -}} +{{- .Values.controller.configMap.name | default (printf "%s-%s" (include "argo-workflows.controller.fullname" .) "configmap") | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the server service account to use */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d4728a30f..bff3e1218 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -1,7 +1,8 @@ +{{- if .Values.controller.configMap.create }} apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "argo-workflows.controller.fullname" . }}-configmap + name: {{ template "argo-workflows.controller.config-map.name" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} @@ -191,3 +192,4 @@ data: {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 3db5f971f..2cc8a9036 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -45,7 +45,7 @@ spec: command: [ "workflow-controller" ] args: - "--configmap" - - "{{ template "argo-workflows.controller.fullname" . }}-configmap" + - "{{ template "argo-workflows.controller.config-map.name" . }}" - "--executor-image" - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 182d31695..f44fa57d1 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -49,7 +49,7 @@ spec: {{- toYaml .Values.server.securityContext | nindent 12 }} args: - server - - --configmap={{ template "argo-workflows.controller.fullname" . }}-configmap + - --configmap={{ template "argo-workflows.controller.config-map.name" . }} {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7a5f04e09..a1a101d53 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -91,6 +91,12 @@ controller: # -- Allows controller to create and update ConfigMaps. Enables memoization feature writeConfigMaps: false + configMap: + # -- Create a ConfigMap for the controller + create: true + # -- ConfigMap name + name: "" + # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 From cabe63d2b65ef6708567c249e676fce069815b6d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 28 Nov 2023 06:12:50 +0900 Subject: [PATCH 317/373] chore(argo-workflows): Upgrade Argo Workflows to v3.5.2 (#2357) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3e93c1f65..d71407c90 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.1 +appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.4 +version: 0.39.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Make configMap optional and allow its name to be overridden + - kind: changed + description: Upgrade Argo Workflows to v3.5.2 From f5201e76ad3bd83bc9f093baf8a398ae15ad3f7e Mon Sep 17 00:00:00 2001 From: Abdulla Abdurakhmanov Date: Wed, 29 Nov 2023 14:34:39 +0100 Subject: [PATCH 318/373] fix(argo-rollouts): Update all rollout CRDs to match upstream (#2361) Signed-off-by: Abdulla Abdurakhmanov --- charts/argo-rollouts/Chart.yaml | 4 +- .../templates/crds/analysis-template-crd.yaml | 51 ++++++++++++++++++- .../crds/cluster-analysis-template-crd.yaml | 51 ++++++++++++++++++- 3 files changed, 100 insertions(+), 6 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6999850f0..933cc9d34 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.4 +version: 2.32.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Rollouts to v1.6.2 + description: Upgrade Argo Rollouts CRDs to match them mainstream from v1.6.2 diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 934790970..d97a6ce98 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -185,13 +185,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2805,6 +2814,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2853,6 +2875,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 669773748..335f06a24 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -185,13 +185,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2805,6 +2814,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2853,6 +2875,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: From f4eb968c22dadd9ff40f0836dcaf14008e34d831 Mon Sep 17 00:00:00 2001 From: Andre Marcelo-Tanner Date: Wed, 29 Nov 2023 13:39:59 -0500 Subject: [PATCH 319/373] docs(argo-cd): Add migration guide to README for Config Management Plugins (#2360) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 12 ++++++++++-- charts/argo-cd/README.md.gotmpl | 12 ++++++++++-- 3 files changed, 23 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f0100f7f8..8853d5a39 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.4 +version: 5.51.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.9.2 + - kind: added + description: "[docs] Added migration steps to README for Config Management Plugins settings available since 5.26.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 7b79080ec..fa8699754 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. +### 5.26.0 + +This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`. +Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics. + +To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`. +You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also. + ### 5.24.0 -This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). Default `global.affinity` rules can be disabled when `none` value is used for the preset. ### 5.22.0 -This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. +This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. ### 5.19.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index b8ffa4fb5..7df790782 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. +### 5.26.0 + +This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`. +Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics. + +To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`. +You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also. + ### 5.24.0 -This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). Default `global.affinity` rules can be disabled when `none` value is used for the preset. ### 5.22.0 -This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. +This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. ### 5.19.0 From d62aafdf629e66e23af98405698c9d0fc0f83e6c Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Thu, 30 Nov 2023 15:14:55 -0500 Subject: [PATCH 320/373] docs(github): remove unnecessary qualifier in README (#2364) docs: remove unnecessary qualifier in README I think the sentence applies to all Argo projects. Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0c5c67989..3d57db36f 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ Some users would prefer to install the CRDs _outside_ of the chart. You can disa Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `/templates` to address this design decision. -If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: +If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: Example: From 152c04f827d08b9e53fdf2f52ef773551c2e3707 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 2 Dec 2023 20:03:24 +0900 Subject: [PATCH 321/373] chore(argo-cd): Upgrade Argo CD to v2.9.3 (#2365) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8853d5a39..594dd1615 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.2 +appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.5 +version: 5.51.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: "[docs] Added migration steps to README for Config Management Plugins settings available since 5.26.0" + - kind: changed + description: Upgrade Argo CD to v2.9.3 From 2c046f9a9a647ff1b53a81c0defcc311af95974d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 5 Dec 2023 14:55:10 +0900 Subject: [PATCH 322/373] fix(argo-workflows): Add missing permission to workflow role (#2367) --- charts/argo-workflows/Chart.yaml | 6 +++--- .../argo-workflows/templates/controller/workflow-role.yaml | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index d71407c90..9ef6fce8a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.5 +version: 0.39.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.5.2 + - kind: fixed + description: Add missing permission to workflow role diff --git a/charts/argo-workflows/templates/controller/workflow-role.yaml b/charts/argo-workflows/templates/controller/workflow-role.yaml index 51050d0fa..80309119e 100644 --- a/charts/argo-workflows/templates/controller/workflow-role.yaml +++ b/charts/argo-workflows/templates/controller/workflow-role.yaml @@ -38,6 +38,7 @@ rules: - workflowtaskresults verbs: - create + - patch - apiGroups: - argoproj.io resources: From 690e83be66297fd776f69bf0b44633e91f1e7388 Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Wed, 6 Dec 2023 23:23:14 -0800 Subject: [PATCH 323/373] fix(argo-workflows): Fix OAuth redirect URL autoconfig. (#2369) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 9ef6fce8a..f5e725d3b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.6 +version: 0.39.7 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Add missing permission to workflow role + description: Fixes OAuth redirect URL autoconfig. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 64bd81918..c8e5f5f8c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -331,7 +331,7 @@ Fields to note: | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | | server.sso.rbac.enabled | bool | `true` | Adds ServiceAccount Policy to server (Cluster)Role. | | server.sso.rbac.secretWhitelist | list | `[]` | Whitelist to allow server to fetch Secrets | -| server.sso.redirectUrl | string | `"https://argo/oauth2/callback"` | | +| server.sso.redirectUrl | string | `""` | | | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index a1a101d53..9a5fa8594 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -675,7 +675,7 @@ server: # -- Key of a secret to retrieve the app OIDC client secret key: client-secret # - The OIDC redirect URL. Should be in the form /oauth2/callback. - redirectUrl: https://argo/oauth2/callback + redirectUrl: "" rbac: # -- Adds ServiceAccount Policy to server (Cluster)Role. enabled: true From d0e0ce792837ade3c49ce3540d843a3b639350ca Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Thu, 7 Dec 2023 09:06:01 +0000 Subject: [PATCH 324/373] feat(github): Use renovate to create PRs when upstream releases (#2358) * feat(github): Use renovate to create PRs when upstream releases Signed-off-by: Tim Collins * add write permissions Signed-off-by: Tim Collins * remove the 'v' in the chart version Signed-off-by: Tim Collins * switch to digests for actions Signed-off-by: Tim Collins --------- Signed-off-by: Tim Collins --- .github/workflows/chart-version-bump.yml | 53 ++++++++++++++ renovate.json | 91 ++++++++++++++++++++++++ 2 files changed, 144 insertions(+) create mode 100644 .github/workflows/chart-version-bump.yml create mode 100644 renovate.json diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml new file mode 100644 index 000000000..d09ff045d --- /dev/null +++ b/.github/workflows/chart-version-bump.yml @@ -0,0 +1,53 @@ +## Used on Renovate PRs to bump the chart version and add a changelog entry +## Reference: https://github.com/stefanzweifel/git-auto-commit-action +## Reference: https://github.com/marketplace/actions/changed-files +name: 'Chart Version Bump and Changelog' + +on: + pull_request: + types: + - labeled + +permissions: + contents: write + +jobs: + helm-bumper: + if: ${{ (contains(github.event.pull_request.labels.*.name, 'renovate')) }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@https://github.com/tj-actions/changed-files/commit/1c938490c880156b746568a518594309cfb3f66b # v40.2.1 + with: + files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml + - name: "Bump Version and Changelog" + run: | + chartName="$(echo \"${{ steps.changed-files.outputs.all_changed_files }}\" | cut -d '/' -f2)" + echo "Changed chart name is: $chartName" + echo "----------------------------------------" + + parentDir="charts/${chartName}" + + # Bump the chart version by one patch version + version=$(grep '^version:' ${parentDir}/Chart.yaml | awk '{print $2}') + major=$(echo $version | cut -d. -f1) + minor=$(echo $version | cut -d. -f2) + patch=$(echo $version | cut -d. -f3) + patch=$(expr $patch + 1) + sed -i "s/^version:.*/version: ${major}.${minor}.${patch}/g" ${parentDir}/Chart.yaml + + # Add a changelog entry + appVersion=$(grep '^appVersion:' ${parentDir}/Chart.yaml | awk '{print $2}') + sed -i -e '/^ artifacthub.io\/changes: |/,$d' ${parentDir}/Chart.yaml + echo " artifacthub.io/changes: |" >> ${parentDir}/Chart.yaml + echo " - kind: changed" >> ${parentDir}/Chart.yaml + echo " description: Bump ${chartName} to ${appVersion}" >> ${parentDir}/Chart.yaml + cat ${parentDir}/Chart.yaml + - name: "Commit and push changes" + uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0 + with: + commit_options: '--signoff' diff --git a/renovate.json b/renovate.json new file mode 100644 index 000000000..12c7f3ea1 --- /dev/null +++ b/renovate.json @@ -0,0 +1,91 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "kubernetes": { + "fileMatch": ["\\.yaml$", "\\.yml$"] + }, + "extends": [ + "config:base", + "docker:enableMajor" + ], + "labels": ["renovate"], + "includePaths": [ + "**/charts/argo-workflows/Chart.yaml", + "**/charts/argo-cd/Chart.yaml", + "**/charts/argo-events/Chart.yaml", + "**/charts/argo-rollouts/Chart.yaml", + "**/charts/argocd-image-updater/Chart.yaml" + ], + "regexManagers": [ + { + "fileMatch": ["charts/argo-workflows/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-workflows", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argo-cd/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-cd", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argo-events/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-events", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argo-rollouts/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj/argo-rollouts", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": ["charts/argocd-image-updater/Chart.yaml$"], + "matchStrings": [ + "\\sappVersion: (?.*)\\s" + ], + "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}", + "depNameTemplate": "argoproj-labs/argocd-image-updater", + "datasourceTemplate": "github-releases" + } + ], + "packageRules": [ + { + "matchPackagePatterns": ["argoproj/argo-workflows"], + "commitMessagePrefix": "chore(argo-workflows):" + }, + { + "matchPackagePatterns": ["argoproj/argo-cd"], + "commitMessagePrefix": "chore(argo-cd):" + }, + { + "matchPackagePatterns": ["argoproj/argo-events"], + "commitMessagePrefix": "chore(argo-events):" + }, + { + "matchPackagePatterns": ["argoproj/argo-rollouts"], + "commitMessagePrefix": "chore(argo-rollouts):" + }, + { + "matchPackagePatterns": ["argoproj-labs/argocd-image-updater"], + "commitMessagePrefix": "chore(argocd-image-updater):" + }, + { + "matchPackagePatterns": ["redis-ha"], + "enabled": false + } + ] +} From 6cf99a08c81f4672a696eff85b58692e20fa367f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 7 Dec 2023 21:23:52 +0900 Subject: [PATCH 325/373] chore(github): Add yu-croco to CODEOWNERS of argo-events and argo-rollouts (#2372) Signed-off-by: yu-croco --- .github/CODEOWNERS | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 05c993b96..c0d0ab9db 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,5 +2,5 @@ /charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 -/charts/argo-events/ @pdrastil @jmeridth @tico24 -/charts/argo-rollouts/ @jmeridth +/charts/argo-events/ @pdrastil @jmeridth @tico24 @yu-croco +/charts/argo-rollouts/ @jmeridth @yu-croco From 83c3bc811565e68bada5d095dd58d4e822640552 Mon Sep 17 00:00:00 2001 From: yyzxw <34639446+yyzxw@users.noreply.github.com> Date: Fri, 8 Dec 2023 01:49:59 +0800 Subject: [PATCH 326/373] feat(argo-rollouts): add rollout plugin contour rbac (#2371) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + .../templates/controller/clusterrole.yaml | 12 ++++++++++++ charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 933cc9d34..09b46332a 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.5 +version: 2.32.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Rollouts CRDs to match them mainstream from v1.6.2 + description: Add Contour plugin RBAC. diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index b91989988..e74afaca6 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -65,6 +65,7 @@ For full list of changes please check ArtifactHub [changelog]. | providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider | | providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | | providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | +| providerRBAC.providers.contour | bool | `true` | Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` | | providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | | providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | | providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index ab0f7ee15..56afb5cb9 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -255,5 +255,17 @@ rules: - get - update {{- end }} +{{- if .Values.providerRBAC.providers.contour }} + # Access needed when using the Contour provider +- apiGroups: + - projectcontour.io + resources: + - httpproxies + verbs: + - get + - list + - watch + - update +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b711ee37d..34c5a286f 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -262,6 +262,8 @@ providerRBAC: traefik: true # -- Adds RBAC rules for the Apisix provider apisix: true + # -- Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` + contour: true dashboard: # -- Deploy dashboard server From c3c588038daa7c550bbd977c1298a1fd3f42d7c8 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 7 Dec 2023 20:11:53 +0100 Subject: [PATCH 327/373] fix(github): Copy-pasta error on Action digest (#2373) Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: Aikawa --- .github/workflows/chart-version-bump.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index d09ff045d..44c77bb87 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -19,11 +19,13 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 + - name: Get changed files id: changed-files - uses: tj-actions/changed-files@https://github.com/tj-actions/changed-files/commit/1c938490c880156b746568a518594309cfb3f66b # v40.2.1 + uses: tj-actions/changed-files@1c938490c880156b746568a518594309cfb3f66b # v40.2.1 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml + - name: "Bump Version and Changelog" run: | chartName="$(echo \"${{ steps.changed-files.outputs.all_changed_files }}\" | cut -d '/' -f2)" @@ -47,6 +49,7 @@ jobs: echo " - kind: changed" >> ${parentDir}/Chart.yaml echo " description: Bump ${chartName} to ${appVersion}" >> ${parentDir}/Chart.yaml cat ${parentDir}/Chart.yaml + - name: "Commit and push changes" uses: stefanzweifel/git-auto-commit-action@8756aa072ef5b4a080af5dc8fef36c5d586e521d # v5.0.0 with: From c7df8c14e6c6c807794ab2240ed67dc91b3de161 Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 8 Dec 2023 14:56:40 +0000 Subject: [PATCH 328/373] fix(github): Include PAT to trigger CI jobs on auto-push (#2376) Signed-off-by: Tim Collins --- .github/workflows/chart-version-bump.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 44c77bb87..f8aa07b24 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -18,6 +18,7 @@ jobs: steps: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: + token: ${{ secrets.PAT }} fetch-depth: 0 - name: Get changed files From 4a0f512f70d68ecd4dbb63c74b97e3c28f0c2828 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 8 Dec 2023 15:06:40 +0000 Subject: [PATCH 329/373] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.3 (#2374) * chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.3 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: tico24 --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 09b46332a..c0f40f888 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.2 +appVersion: v1.6.3 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.6 +version: 2.32.7 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Add Contour plugin RBAC. + description: Bump argo-rollouts to v1.6.3 From a9e31c82fd63f42c8e56fe9bb8f19d583be83e69 Mon Sep 17 00:00:00 2001 From: Neile Havens Date: Fri, 8 Dec 2023 16:44:59 -0600 Subject: [PATCH 330/373] feat(argo-workflows): Add support for sso filterGroupsRegex (#2379) According to https://argoproj.github.io/argo-workflows/argo-server-sso/#filtering-groups Resolves #2378 Signed-off-by: Neile Havens --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 5 +++++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f5e725d3b..49cebfbc9 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.7 +version: 0.39.8 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixes OAuth redirect URL autoconfig. + - kind: changed + description: Add support for sso filterGroupsRegex according to https://argoproj.github.io/argo-workflows/argo-server-sso/#filtering-groups diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index c8e5f5f8c..2b24e2be8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -326,6 +326,7 @@ Fields to note: | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | | server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. | +| server.sso.filterGroupsRegex | list | `[]` | Filter the groups returned by the OIDC provider | | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index bff3e1218..d311441c3 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -162,6 +162,9 @@ data: {{- with .Values.server.sso.insecureSkipVerify }} insecureSkipVerify: {{ toYaml . }} {{- end }} + {{- with .Values.server.sso.filterGroupsRegex }} + filterGroupsRegex: {{ toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} workflowRestrictions: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 9a5fa8594..1624cc4e3 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -701,6 +701,11 @@ server: userInfoPath: "" # -- Skip TLS verification for the HTTP client insecureSkipVerify: false + # -- Filter the groups returned by the OIDC provider + ## A logical "OR" is used between each regex in the list + filterGroupsRegex: [] + # - ".*argo-wf.*" + # - ".*argo-workflow.*" # -- Extra containers to be added to the server deployment extraContainers: [] From 97c3589eec2374b3b88800918f1e9a650b46dae0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Dec 2023 15:40:06 +0100 Subject: [PATCH 331/373] chore(deps): bump actions/setup-python from 4.7.1 to 5.0.0 (#2382) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.7.1 to 5.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236...0a5c61591373683505ea898e09a3ea4f39ef2b9c) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c2102b61d..797823744 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: 3.9 From eeffeb407d10e6e66d2c86115a139f1f1037fa8c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Dec 2023 11:35:53 -0600 Subject: [PATCH 332/373] chore(deps): bump actions/stale from 8.0.0 to 9.0.0 (#2380) --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index b0356dc79..d0813423a 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 + - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From da261d0a38c020a4fe37dd61b59a069678a14875 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Dec 2023 20:45:04 +0100 Subject: [PATCH 333/373] chore(deps): bump actions/labeler from 4.3.0 to 5.0.0 (#2381) * chore(deps): bump actions/labeler from 4.3.0 to 5.0.0 Bumps [actions/labeler](https://github.com/actions/labeler) from 4.3.0 to 5.0.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/ac9175f8a1f3625fd0d4fb234536d26811351594...8558fd74291d67161a8a78ce36a881fa63b766a9) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * chore: Update labeler.yaml to work with v5 Signed-off-by: Marco Maurer * fix: Adapt glob for argo-cd chart Signed-off-by: Marco Maurer (-Kilchhofer) --------- Signed-off-by: dependabot[bot] Signed-off-by: Marco Maurer Signed-off-by: Marco Maurer (-Kilchhofer) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Maurer Co-authored-by: Jason Meridth --- .github/configs/labeler.yaml | 18 ++++++++++++------ .github/workflows/pr-sizing.yml | 2 +- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/.github/configs/labeler.yaml b/.github/configs/labeler.yaml index acd6f2192..80b72ba81 100644 --- a/.github/configs/labeler.yaml +++ b/.github/configs/labeler.yaml @@ -1,17 +1,23 @@ argo-cd: - - charts/argo-cd/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-cd/** argo-events: - - charts/argo-events/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-events/** argo-rollouts: - - charts/argo-rollouts/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-rollouts/** argo-workflows: - - charts/argo-workflows/**/* + - changed-files: + - any-glob-to-any-file: charts/argo-workflows/** argocd-image-updater: - - charts/argocd-image-updater/**/* + - changed-files: + - any-glob-to-any-file: charts/argocd-image-updater/** argocd-apps: - - charts/argocd-apps/**/* + - changed-files: + - any-glob-to-any-file: charts/argocd-apps/** diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index d22ac7503..01af9781e 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0 + - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From e07f69fee66b214719acc032401e26d36f839c77 Mon Sep 17 00:00:00 2001 From: workwithprashant <60788667+workwithprashant@users.noreply.github.com> Date: Tue, 12 Dec 2023 00:27:39 -0600 Subject: [PATCH 334/373] fix(argo-workflows): fix helm lint error when extraObjects is defined (#2384) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/extra-manifests.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 49cebfbc9..e0e1c1b91 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.8 +version: 0.39.9 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Add support for sso filterGroupsRegex according to https://argoproj.github.io/argo-workflows/argo-server-sso/#filtering-groups + description: "fix(argo-workflows): fix helm lint error when extraObjects is defined and same fix as one done for argo-cd #2116" diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml index f17b1a93b..fc9a76b88 100644 --- a/charts/argo-workflows/templates/extra-manifests.yaml +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From d9e5b727e3d11160c868213004ed0c0890c8166d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 07:59:21 +0100 Subject: [PATCH 335/373] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.4 (#2385) --- charts/argo-rollouts/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c0f40f888..aaa143faf 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.3 +appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.7 +version: 2.32.8 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.6.3 + description: Bump argo-rollouts to v1.6.4 From 9ca3f06dcf84a7bed3ee09032e33e1705b9edf48 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 14 Dec 2023 07:56:27 +0000 Subject: [PATCH 336/373] feat(argo-workflows): add hostAliases to server (#2387) * workflow server hostalises Signed-off-by: drfaust92 * Update Chart.yaml Signed-off-by: Ilia Lazebnik * workflow server hostalises Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Signed-off-by: Ilia Lazebnik --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 4 ++++ charts/argo-workflows/values.yaml | 6 ++++++ 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e0e1c1b91..acd175a7c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.39.9 +version: 0.40.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: "fix(argo-workflows): fix helm lint error when extraObjects is defined and same fix as one done for argo-cd #2116" + description: "feat(argo-workflows): add hostAliases to server" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 2b24e2be8..070bdbf2f 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -280,6 +280,7 @@ Fields to note: | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | +| server.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | server.image.registry | string | `"quay.io"` | Registry to use for the server | | server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | | server.image.tag | string | `""` | Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index f44fa57d1..b3aa37286 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -37,6 +37,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.server.extraInitContainers }} initContainers: {{- tpl (toYaml .) $ | nindent 8 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1624cc4e3..e64404398 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -458,6 +458,12 @@ server: # -- Service port name servicePortName: "" # http + # -- Mapping between IP and hostnames that will be injected as entries in the pod's hosts files + hostAliases: [] + # - ip: 10.20.30.40 + # hostnames: + # - git.myhostname + serviceAccount: # -- Create a service account for the server create: true From bce77fa998d60cd30fc9b2c9c5c75f1c1208c45b Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 14 Dec 2023 08:39:20 +0000 Subject: [PATCH 337/373] feat(argo-rollouts): allow setting log config for rollouts (#2386) * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 * allow setting log config for rollouts Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/controller/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 7 +++++++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index aaa143faf..d2a4a8982 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.8 +version: 2.33.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-rollouts to v1.6.4 + description: Allow setting log config for rollouts diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index e74afaca6..9b368a5a2 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -90,6 +90,9 @@ For full list of changes please check ArtifactHub [changelog]. | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | +| controller.logging.kloglevel | string | `"0"` | Set the klog logging level | +| controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.service.annotations | object | `{}` | Service annotations | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 23dc14cbc..9b8f456e6 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -45,6 +45,9 @@ spec: args: - --healthzPort={{ .Values.controller.containerPorts.healthz }} - --metricsport={{ .Values.controller.containerPorts.metrics }} + - "--loglevel={{ .Values.controller.logging.level }}" + - "--logformat={{ .Values.controller.logging.format }}" + - "--kloglevel={{ .Values.controller.logging.kloglevel }}" {{- if not .Values.clusterInstall }} - --namespaced {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 34c5a286f..6eb48b9c3 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -55,6 +55,13 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the klog logging level + kloglevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" # -- Assign custom [TopologySpreadConstraints] rules to the controller ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ From 77a4196fc31294b7abeb1d4d30df136f2b77a675 Mon Sep 17 00:00:00 2001 From: Neile Havens Date: Fri, 15 Dec 2023 01:45:22 -0600 Subject: [PATCH 338/373] fix(argo-workflows): Remove duplication in aggregated admin ClusterRole (#2389) Signed-off-by: Neile Havens --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/controller/workflow-aggregate-roles.yaml | 2 -- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index acd175a7c..ddd48e247 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.0 +version: 0.40.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: "feat(argo-workflows): add hostAliases to server" + - kind: fixed + description: "Remove duplication in aggregated admin ClusterRole" diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index ca2ae93e3..2a407b1b5 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -83,8 +83,6 @@ rules: - workflows/finalizers - workfloweventbindings - workfloweventbindings/finalizers - - workflowtasksets - - workflowtasksets/finalizers - workflowtemplates - workflowtemplates/finalizers - cronworkflows From b13acd0814653ca4574c5053cc2e3b7e3b095599 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Dec 2023 14:02:29 -0600 Subject: [PATCH 339/373] chore(deps): bump tj-actions/changed-files from 40.2.1 to 40.2.2 (#2391) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index f8aa07b24..eeb38df96 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@1c938490c880156b746568a518594309cfb3f66b # v40.2.1 + uses: tj-actions/changed-files@94549999469dbfa032becf298d95c87a14c34394 # v40.2.2 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 7f1b25402bb23681c479dc20c6c69caf49a10159 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 17 Dec 2023 00:22:40 +0100 Subject: [PATCH 340/373] chore(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 (#2392) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3273e72d6..e86279fa5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 with: name: SARIF file path: results.sarif From f9e2a94bb6d1f20f42374c42c62f86e8e37b2ba9 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Fri, 22 Dec 2023 14:07:05 +0200 Subject: [PATCH 341/373] feat(argo-rollouts): add args for dashboard logs (#2388) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 3 +++ charts/argo-rollouts/values.yaml | 5 +++++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index d2a4a8982..a879e08c7 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.33.0 +version: 2.34.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Allow setting log config for rollouts + description: Allow setting log config for rollouts dashboard diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 9b368a5a2..23f25df74 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -153,6 +153,8 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.ingress.pathType | string | `"Prefix"` | Dashboard ingress path type | | dashboard.ingress.paths | list | `["/"]` | Dashboard ingress paths | | dashboard.ingress.tls | list | `[]` | Dashboard ingress tls | +| dashboard.logging.kloglevel | string | `"0"` | Set the klog logging level | +| dashboard.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | dashboard.nodeSelector | object | `{}` | [Node selector] | | dashboard.pdb.annotations | object | `{}` | Annotations to be added to dashboard [Pod Disruption Budget] | | dashboard.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the dashboard | diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index cae248881..de7f525b3 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -45,6 +45,9 @@ spec: - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}" imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }} args: + - dashboard + - "--loglevel={{ .Values.dashboard.logging.level }}" + - "--kloglevel={{ .Values.dashboard.logging.kloglevel }}" {{- with .Values.dashboard.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 6eb48b9c3..e7a5f1339 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -289,6 +289,11 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the klog logging level + kloglevel: "0" # -- Assign custom [TopologySpreadConstraints] rules to the dashboard server ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ From 91f48f37cdb84884dc100753fb1012d293a37800 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 Dec 2023 14:44:48 +0100 Subject: [PATCH 342/373] chore(deps): bump tj-actions/changed-files from 40.2.2 to 40.2.3 (#2398) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index eeb38df96..22cf61a10 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@94549999469dbfa032becf298d95c87a14c34394 # v40.2.2 + uses: tj-actions/changed-files@56284d80811fb5963a972b438f2870f175e5b7c8 # v40.2.3 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From c962ee500c06af4213d911a8947f3055949cd45b Mon Sep 17 00:00:00 2001 From: Josia Date: Sat, 23 Dec 2023 19:28:35 -0500 Subject: [PATCH 343/373] fix(argo-workflows): Prevent extra whitespace in controller ConfigMap (#2399) Signed-off-by: Josia --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ddd48e247..69b84a11d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.1 +version: 0.40.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: "Remove duplication in aggregated admin ClusterRole" + description: "Prevent extra whitespace in controller ConfigMap" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d311441c3..d3ad349b0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -145,7 +145,7 @@ data: rbac: enabled: {{ .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.scopes }} - scopes: {{ toYaml . | nindent 8 }} + scopes: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.server.sso.issuerAlias }} issuerAlias: {{ toYaml . }} @@ -163,7 +163,7 @@ data: insecureSkipVerify: {{ toYaml . }} {{- end }} {{- with .Values.server.sso.filterGroupsRegex }} - filterGroupsRegex: {{ toYaml . | nindent 8 }} + filterGroupsRegex: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} From 410e73af93a4aab3aad47614f8cac58d54ae798a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 24 Dec 2023 15:13:52 +0900 Subject: [PATCH 344/373] chore(argo-workflows): Add instruction for SSO (#2401) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 6 ++++++ charts/argo-workflows/README.md.gotmpl | 6 ++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 69b84a11d..15950d667 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.2 +version: 0.40.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: "Prevent extra whitespace in controller ConfigMap" + - kind: added + description: Add instruction for SSO diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 070bdbf2f..81e653594 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -56,6 +56,11 @@ spec: args: [ "hello world" ] ``` +### Argo Workflows Server SSO +In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. + +In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -387,3 +392,4 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog +[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 60aa62afa..aa296179f 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -56,6 +56,11 @@ spec: args: [ "hello world" ] ``` +### Argo Workflows Server SSO +In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. + +In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. + ## Installing the Chart To install the chart with the release name `my-release`: @@ -204,3 +209,4 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog +[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac From 29c7f27b3f8b529c6756f510553aaedf58f992e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Dec 2023 09:29:42 -0600 Subject: [PATCH 345/373] chore(deps): bump tj-actions/changed-files from 40.2.3 to 41.0.1 (#2405) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 22cf61a10..30bd26ee8 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@56284d80811fb5963a972b438f2870f175e5b7c8 # v40.2.3 + uses: tj-actions/changed-files@716b1e13042866565e00e85fd4ec490e186c4a2f # v41.0.1 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 9b0c33fb496dccdfd98d27c9dfa700fd6c8ded46 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 31 Dec 2023 02:02:10 +0900 Subject: [PATCH 346/373] feat(argo-cd): Use new Argo CD extension mechanism (#2406) --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 13 ++- charts/argo-cd/README.md.gotmpl | 6 + charts/argo-cd/ci/extension-values.yaml | 14 +++ charts/argo-cd/templates/aggregate-roles.yaml | 9 -- .../templates/argocd-server/deployment.yaml | 26 +++-- .../argo-cd/templates/argocd-server/role.yaml | 3 - .../argo-cd/templates/crds/crd-extension.yaml | 107 ------------------ charts/argo-cd/values.yaml | 28 +++-- 9 files changed, 68 insertions(+), 142 deletions(-) create mode 100644 charts/argo-cd/ci/extension-values.yaml delete mode 100644 charts/argo-cd/templates/crds/crd-extension.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 594dd1615..e955494cc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.6 +version: 5.52.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.9.3 + description: Use new Argo CD extension mechanism diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fa8699754..919149b51 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.52.0 +Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. +If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. + ### 5.35.0 This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. @@ -718,10 +722,11 @@ NAME: my-release | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | -| server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | +| server.extensions.enabled | bool | `false` | Enable support for Argo CD extensions | +| server.extensions.extensionList | list | `[]` (See [values.yaml]) | Extensions for Argo CD | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | -| server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | -| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image | +| server.extensions.image.repository | string | `"quay.io/argoprojlabs/argocd-extension-installer"` | Repository to use for extension installer image | +| server.extensions.image.tag | string | `"v0.0.1"` | Tag to use for extension installer image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | @@ -1263,3 +1268,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace +[Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice +[Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 7df790782..ba94725f7 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.52.0 +Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. +If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. + ### 5.35.0 This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. @@ -571,3 +575,5 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions [Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace +[Argo CD Extensions]: https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice +[Argo CD Extension Installer]: https://github.com/argoproj-labs/argocd-extension-installer diff --git a/charts/argo-cd/ci/extension-values.yaml b/charts/argo-cd/ci/extension-values.yaml new file mode 100644 index 000000000..0896ca4c3 --- /dev/null +++ b/charts/argo-cd/ci/extension-values.yaml @@ -0,0 +1,14 @@ +# Test Argo CD extension +crds: + keep: false +# Ref: https://github.com/argoproj-labs/argocd-extension-metrics?tab=readme-ov-file#install-ui-extension +server: + extensions: + enabled: true + extensionList: + - name: extension-metrics + env: + - name: EXTENSION_URL + value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension.tar.gz + - name: EXTENSION_CHECKSUM_URL + value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension_checksums.txt diff --git a/charts/argo-cd/templates/aggregate-roles.yaml b/charts/argo-cd/templates/aggregate-roles.yaml index b38939224..ba93d5484 100644 --- a/charts/argo-cd/templates/aggregate-roles.yaml +++ b/charts/argo-cd/templates/aggregate-roles.yaml @@ -14,9 +14,6 @@ rules: {{- if .Values.applicationSet.enabled }} - applicationsets {{- end }} - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} - appprojects verbs: - get @@ -39,9 +36,6 @@ rules: {{- if .Values.applicationSet.enabled }} - applicationsets {{- end }} - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} - appprojects verbs: - create @@ -69,9 +63,6 @@ rules: {{- if .Values.applicationSet.enabled }} - applicationsets {{- end }} - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} - appprojects verbs: - create diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 983121a98..c56ea6808 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -357,13 +357,22 @@ spec: lifecycle: {{- toYaml . | nindent 10 }} {{- end }} + {{- with .Values.server.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- if or .Values.server.initContainers (and .Values.server.extensions.enabled .Values.server.extensions.extensionList) }} + initContainers: + {{- with .Values.server.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- if .Values.server.extensions.enabled }} - - name: argocd-extensions - image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} - imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} + {{- range .Values.server.extensions.extensionList }} + - name: {{ .name }} + image: {{ $.Values.server.extensions.image.repository }}:{{ $.Values.server.extensions.image.tag }} + imagePullPolicy: {{ default $.Values.global.image.imagePullPolicy $.Values.server.extensions.image.imagePullPolicy }} resources: - {{- toYaml .Values.server.extensions.resources | nindent 10 }} - {{- with .Values.server.extensions.containerSecurityContext }} + {{- toYaml $.Values.server.extensions.resources | nindent 10 }} + {{- with $.Values.server.extensions.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} {{- end }} @@ -372,13 +381,10 @@ spec: mountPath: /tmp/extensions/ - name: tmp mountPath: /tmp + env: + {{- toYaml .env | nindent 10 }} {{- end }} - {{- with .Values.server.extraContainers }} - {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.server.initContainers }} - initContainers: - {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }} affinity: diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 6bfe32a49..adc6f0142 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -27,9 +27,6 @@ rules: - applicationsets {{- end }} - appprojects - {{- if .Values.server.extensions.enabled }} - - argocdextensions - {{- end }} verbs: - create - get diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml deleted file mode 100644 index 30fbce70b..000000000 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ /dev/null @@ -1,107 +0,0 @@ -{{- if and .Values.crds.install .Values.server.extensions.enabled }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - {{- if .Values.crds.keep }} - "helm.sh/resource-policy": keep - {{- end }} - {{- with .Values.crds.annotations }} - {{- toYaml . | nindent 4 }} - {{- end }} - controller-gen.kubebuilder.io/version: v0.4.1 - labels: - app.kubernetes.io/name: argocdextensions.argoproj.io - app.kubernetes.io/part-of: argocd - {{- with .Values.crds.additionalLabels }} - {{- toYaml . | nindent 4}} - {{- end }} - name: argocdextensions.argoproj.io -spec: - group: argoproj.io - names: - kind: ArgoCDExtension - listKind: ArgoCDExtensionList - plural: argocdextensions - singular: argocdextension - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ArgoCDExtension is the Schema for the argocdextensions API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ArgoCDExtensionSpec defines the desired state of ArgoCDExtension - properties: - sources: - description: Sources specifies where the extension should come from - items: - description: ExtensionSource specifies where the extension should - be sourced from - properties: - git: - description: Git is specified if the extension should be sourced - from a git repository - properties: - revision: - description: Revision specifies the revision of the Repository - to fetch - type: string - url: - description: URL specifies the Git repository URL to fetch - type: string - type: object - web: - description: Web is specified if the extension should be sourced - from a web file - properties: - url: - description: URK specifies the remote file URL - type: string - type: object - type: object - type: array - required: - - sources - type: object - status: - description: ArgoCDExtensionStatus defines the observed state of ArgoCDExtension - properties: - conditions: - items: - properties: - message: - description: Message contains human-readable message indicating - details about condition - type: string - status: - description: Boolean status describing if the condition is currently - true - type: string - type: - description: Type is an ArgoCDExtension condition type - type: string - required: - - message - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c4480e6ce..bc93065ee 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1574,29 +1574,41 @@ server: # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} - ## Argo UI extensions + ## Argo CD extensions ## This function in tech preview stage, do expect instability or breaking changes in newer versions. - ## Ref: https://github.com/argoproj-labs/argocd-extensions + ## Ref: https://github.com/argoproj-labs/argocd-extension-installer extensions: - # -- Enable support for Argo UI extensions + # -- Enable support for Argo CD extensions enabled: false - ## Argo UI extensions image + ## Argo CD extension installer image image: - # -- Repository to use for extensions image - repository: "ghcr.io/argoproj-labs/argocd-extensions" - # -- Tag to use for extensions image - tag: "v0.2.1" + # -- Repository to use for extension installer image + repository: "quay.io/argoprojlabs/argocd-extension-installer" + # -- Tag to use for extension installer image + tag: "v0.0.1" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Extensions for Argo CD + # @default -- `[]` (See [values.yaml]) + ## Ref: https://github.com/argoproj-labs/argocd-extension-metrics#install-ui-extension + extensionList: [] + # - name: extension-metrics + # env: + # - name: EXTENSION_URL + # value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension.tar.gz + # - name: EXTENSION_CHECKSUM_URL + # value: https://github.com/argoproj-labs/argocd-extension-metrics/releases/download/v1.0.0/extension_checksums.txt + # -- Server UI extensions container-level security context # @default -- See [values.yaml] containerSecurityContext: runAsNonRoot: true readOnlyRootFilesystem: true allowPrivilegeEscalation: false + runAsUser: 1000 seccompProfile: type: RuntimeDefault capabilities: From 107bd3bc537eb4d611907c09809ebadea73936ed Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 5 Jan 2024 13:56:59 +0100 Subject: [PATCH 347/373] chore(argo-cd): DRY cleanup of ServiceAccounts (#2409) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 14 +++++++------- .../clusterrolebinding.yaml | 2 +- .../argocd-application-controller/rolebinding.yaml | 8 ++++---- .../serviceaccount.yaml | 14 +++++++------- .../argocd-application-controller/statefulset.yaml | 2 +- .../argocd-applicationset/deployment.yaml | 2 +- .../argocd-applicationset/rolebinding.yaml | 6 +++--- .../argocd-applicationset/serviceaccount.yaml | 14 +++++++------- .../argocd-notifications/clusterrolebinding.yaml | 2 +- .../templates/argocd-notifications/deployment.yaml | 2 +- .../argocd-notifications/rolebinding.yaml | 6 +++--- .../argocd-notifications/serviceaccount.yaml | 14 +++++++------- .../argocd-repo-server/clusterrolebinding.yaml | 2 +- .../templates/argocd-repo-server/deployment.yaml | 2 +- .../templates/argocd-repo-server/rolebinding.yaml | 8 ++++---- .../argocd-repo-server/serviceaccount.yaml | 14 +++++++------- .../argocd-server/clusterrolebinding.yaml | 2 +- .../templates/argocd-server/deployment.yaml | 2 +- .../templates/argocd-server/rolebinding.yaml | 6 +++--- .../templates/argocd-server/serviceaccount.yaml | 14 +++++++------- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/dex/rolebinding.yaml | 8 ++++---- charts/argo-cd/templates/dex/serviceaccount.yaml | 8 ++++---- charts/argo-cd/templates/redis/deployment.yaml | 2 +- charts/argo-cd/templates/redis/serviceaccount.yaml | 8 ++++---- 26 files changed, 84 insertions(+), 84 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e955494cc..91dcac84f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.52.0 +version: 5.52.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Use new Argo CD extension mechanism + description: DRY cleanup of ServiceAccounts diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index b5d62a6ab..97ba5c259 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -11,7 +11,7 @@ to 63 chars and it includes 10 chars of hash and a separating '-'. {{/* Create the name of the controller service account to use */}} -{{- define "argo-cd.controllerServiceAccountName" -}} +{{- define "argo-cd.controller.serviceAccountName" -}} {{- if .Values.controller.serviceAccount.create -}} {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} {{- else -}} @@ -40,7 +40,7 @@ Create Dex server endpoint {{/* Create the name of the dex service account to use */}} -{{- define "argo-cd.dexServiceAccountName" -}} +{{- define "argo-cd.dex.serviceAccountName" -}} {{- if .Values.dex.serviceAccount.create -}} {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} {{- else -}} @@ -78,7 +78,7 @@ Return Redis server endpoint {{/* Create the name of the redis service account to use */}} -{{- define "argo-cd.redisServiceAccountName" -}} +{{- define "argo-cd.redis.serviceAccountName" -}} {{- if .Values.redis.serviceAccount.create -}} {{ default (include "argo-cd.redis.fullname" .) .Values.redis.serviceAccount.name }} {{- else -}} @@ -96,7 +96,7 @@ Create argocd server name and version as used by the chart label. {{/* Create the name of the Argo CD server service account to use */}} -{{- define "argo-cd.serverServiceAccountName" -}} +{{- define "argo-cd.server.serviceAccountName" -}} {{- if .Values.server.serviceAccount.create -}} {{ default (include "argo-cd.server.fullname" .) .Values.server.serviceAccount.name }} {{- else -}} @@ -114,7 +114,7 @@ Create argocd repo-server name and version as used by the chart label. {{/* Create the name of the repo-server service account to use */}} -{{- define "argo-cd.repoServerServiceAccountName" -}} +{{- define "argo-cd.repoServer.serviceAccountName" -}} {{- if .Values.repoServer.serviceAccount.create -}} {{ default (include "argo-cd.repoServer.fullname" .) .Values.repoServer.serviceAccount.name }} {{- else -}} @@ -132,7 +132,7 @@ Create argocd application set name and version as used by the chart label. {{/* Create the name of the application set service account to use */}} -{{- define "argo-cd.applicationSetServiceAccountName" -}} +{{- define "argo-cd.applicationSet.serviceAccountName" -}} {{- if .Values.applicationSet.serviceAccount.create -}} {{ default (include "argo-cd.applicationSet.fullname" .) .Values.applicationSet.serviceAccount.name }} {{- else -}} @@ -150,7 +150,7 @@ Create argocd notifications name and version as used by the chart label. {{/* Create the name of the notifications service account to use */}} -{{- define "argo-cd.notificationsServiceAccountName" -}} +{{- define "argo-cd.notifications.serviceAccountName" -}} {{- if .Values.notifications.serviceAccount.create -}} {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.serviceAccount.name }} {{- else -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 39ee80a67..9ebe80ad1 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -12,6 +12,6 @@ roleRef: name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controller.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index 5f07f1090..9a87f7711 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -1,15 +1,15 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + name: {{ include "argo-cd.controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index fe56d3767..1b9619d6f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controller.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.controller.serviceAccount.annotations }} + {{- with .Values.controller.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.controller.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - {{- range $key, $value := .Values.controller.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.controller.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 31bce2993..6d1d3e2f2 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -55,7 +55,7 @@ spec: {{- if .Values.controller.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.controller.serviceAccountName" . }} containers: - args: - /usr/local/bin/argocd-application-controller diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index b704650ae..655e8f196 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -55,7 +55,7 @@ spec: {{- if .Values.applicationSet.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.applicationSet.serviceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index 8a70526c6..a012f1ed1 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index a196626eb..7c0cf0176 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + name: {{ include "argo-cd.applicationSet.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.applicationSet.serviceAccount.annotations }} + {{- with .Values.applicationSet.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- range $key, $value := .Values.applicationSet.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.applicationSet.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml index 3dba71a2f..cfdba38a9 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -11,6 +11,6 @@ roleRef: name: {{ include "argo-cd.notifications.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.notificationsServiceAccountName" . }} + name: {{ include "argo-cd.notifications.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index edee786a4..2ed9f1e8e 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -54,7 +54,7 @@ spec: {{- if .Values.notifications.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.notifications.serviceAccountName" . }} containers: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index 7bc6e1d12..323241905 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.notifications.fullname" . }} + name: {{ include "argo-cd.notifications.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.notifications.fullname" . }} + name: {{ include "argo-cd.notifications.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.notificationsServiceAccountName" . }} + name: {{ include "argo-cd.notifications.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index aa8242420..8f58ff8d1 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.notificationsServiceAccountName" . }} + name: {{ include "argo-cd.notifications.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.notifications.serviceAccount.annotations }} + {{- with .Values.notifications.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.notifications.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} - {{- range $key, $value := .Values.notifications.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.notifications.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index c3e21edbc..ba156d241 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -12,6 +12,6 @@ roleRef: name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServer.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 90941428e..a9565a2e5 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -65,7 +65,7 @@ spec: {{- if .Values.repoServer.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.repoServer.serviceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml index 8834b7789..ea4baded7 100644 --- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServer.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 7b26928fa..945483fa3 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServer.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.repoServer.serviceAccount.annotations }} + {{- with .Values.repoServer.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} - {{- range $key, $value := .Values.repoServer.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- range $key, $value := .Values.repoServer.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 72e4d4504..27fd13d6d 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -12,6 +12,6 @@ roleRef: name: {{ include "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ include "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.server.serviceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index c56ea6808..a09b56565 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -56,7 +56,7 @@ spec: {{- if .Values.server.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.server.serviceAccountName" . }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 93b1fa948..61276d603 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} @@ -11,5 +11,5 @@ roleRef: name: {{ template "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} \ No newline at end of file + name: {{ include "argo-cd.server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index 5d03aaf60..12f571fde 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -3,17 +3,17 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.server.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.server.serviceAccount.annotations }} + {{- with .Values.server.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.server.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- range $key, $value := .Values.server.serviceAccount.labels }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- range $key, $value := .Values.server.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9f782c8d6..c8e2c9293 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -58,7 +58,7 @@ spec: {{- if .Values.dex.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} + serviceAccountName: {{ template "argo-cd.dex.serviceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 08da15442..30b92c06e 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -2,16 +2,16 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ template "argo-cd.dex.fullname" . }} + name: {{ include "argo-cd.dex.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ template "argo-cd.dex.fullname" . }} + name: {{ include "argo-cd.dex.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.dexServiceAccountName" . }} + name: {{ include "argo-cd.dex.serviceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index 65abd57cd..66bf30768 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -3,14 +3,14 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.dexServiceAccountName" . }} + name: {{ include "argo-cd.dex.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.dex.serviceAccount.annotations }} + {{- with .Values.dex.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.dex.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 3f272d027..b3182245f 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -51,7 +51,7 @@ spec: {{- if .Values.redis.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} {{- end }} - serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} + serviceAccountName: {{ include "argo-cd.redis.serviceAccountName" . }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml index 503fb4347..f45ece132 100644 --- a/charts/argo-cd/templates/redis/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -3,14 +3,14 @@ apiVersion: v1 kind: ServiceAccount automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "argo-cd.redisServiceAccountName" . }} + name: {{ include "argo-cd.redis.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} -{{- if .Values.redis.serviceAccount.annotations }} + {{- with .Values.redis.serviceAccount.annotations }} annotations: - {{- range $key, $value := .Values.redis.serviceAccount.annotations }} + {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} -{{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- end }} From 51bb7f98069940ff6c053915f04b30bf5f546153 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 6 Jan 2024 00:28:42 +0900 Subject: [PATCH 348/373] fix(argocd-image-updater): Update outdated link on README (#2414) * fixed(argocd-image-updater): Update outdated link on README Signed-off-by: yu-croco * fix: correct "ArgoCD" to "Argo CD" Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 8 ++++-- charts/argocd-image-updater/README.md | 30 +++++++++++--------- charts/argocd-image-updater/README.md.gotmpl | 20 +++++++------ charts/argocd-image-updater/values.yaml | 10 +++---- 4 files changed, 39 insertions(+), 29 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 665f4badc..203c6206c 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.1 +version: 0.9.2 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,5 +18,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Introduce chart signing + - kind: fixed + description: Update outdated link on README + - kind: changed + description: Refactor README diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 5d5c72537..148a5073b 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -14,7 +14,7 @@ helm repo add argo https://argoproj.github.io/argo-helm helm install argocd-image-updater argo/argocd-image-updater ``` -You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). +You will also need to run through the [secret setup documentation] so Argo CD Image Updater can talk to the Argo CD API (until its automated in this chart). ## Prerequisites @@ -22,9 +22,9 @@ You will also need to run through the [secret setup documentation](https://argoc ## Configuration options -In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). +In order for your deployment of Argo CD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page]. -All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your Argo CD instance is setup, are set in the `config.argocd` values block. For instance: ```yaml config: @@ -35,12 +35,12 @@ config: plaintext: true ``` -Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. +Any additional arguments mentioned on the [argocd-image-updater flags page] can be configured using the `extraArgs` value, like so. -### ArgoCD API key +### Argo CD API key If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation. -Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). +Please also read [Configuration of Container Registries]. ```yaml config: @@ -52,7 +52,7 @@ If you specify a token value the secret will be created. ### Registries -ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): +Argo CD Image Updater natively supports the following registries (as mentioned in [Configuration of Container Registries]): - Docker Hub - Google Container Registry @@ -60,7 +60,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in - GitHub Container Registry - GitHub Docker Packages -If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. +If you need support for ECR, you can reference this issue, [Support ECR authentication], for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. @@ -74,16 +74,16 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.applicationsAPIKind | string | `""` | API kind that is used to manage Argo CD applications (`kubernetes` or `argocd`) | | config.argocd.grpcWeb | bool | `true` | Use the gRPC-web protocol to connect to the Argo CD API | | config.argocd.insecure | bool | `false` | If specified, the certificate of the Argo CD API server is not verified. | -| config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. | +| config.argocd.plaintext | bool | `false` | If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS. | | config.argocd.serverAddress | string | `""` | Connect to the Argo CD API server at server address | -| config.argocd.token | string | `""` | If specified, the secret with ArgoCD API key will be created. | +| config.argocd.token | string | `""` | If specified, the secret with Argo CD API key will be created. | | config.disableKubeEvents | bool | `false` | Disable kubernetes events | | config.gitCommitMail | string | `""` | E-Mail address to use for Git commits | | config.gitCommitTemplate | string | `""` | Changing the Git commit message | | config.gitCommitUser | string | `""` | Username to use for Git commits | -| config.logLevel | string | `"info"` | ArgoCD Image Update log level | -| config.registries | list | `[]` | ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | -| config.sshConfig | object | `{}` | ArgoCD Image Updater ssh client parameter configuration. | +| config.logLevel | string | `"info"` | Argo CD Image Update log level | +| config.registries | list | `[]` | Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) | +| config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | @@ -125,3 +125,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +[secret setup documentation]: https://argocd-image-updater.readthedocs.io/en/stable/install/installation/#method-2-connect-using-argo-cd-api-server +[argocd-image-updater flags page]: https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags +[Configuration of Container Registries]: https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/ +[Support ECR authentication]: https://github.com/argoproj-labs/argocd-image-updater/issues/112 diff --git a/charts/argocd-image-updater/README.md.gotmpl b/charts/argocd-image-updater/README.md.gotmpl index bbd2e1b5d..68ddd8149 100644 --- a/charts/argocd-image-updater/README.md.gotmpl +++ b/charts/argocd-image-updater/README.md.gotmpl @@ -14,7 +14,7 @@ helm repo add argo https://argoproj.github.io/argo-helm helm install argocd-image-updater argo/argocd-image-updater ``` -You will also need to run through the [secret setup documentation](https://argocd-image-updater.readthedocs.io/en/stable/install/start/#connect-using-argo-cd-api-server) so ArgoCD ImageUpdater can talk to the ArgoCD API (until its automated in this chart). +You will also need to run through the [secret setup documentation] so Argo CD Image Updater can talk to the Argo CD API (until its automated in this chart). ## Prerequisites @@ -22,9 +22,9 @@ You will also need to run through the [secret setup documentation](https://argoc ## Configuration options -In order for your deployment of ArgoCD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags). +In order for your deployment of Argo CD Image Updater to be successful, you will need to make sure you set the correct configuration options described in detail on the [argocd-image-updater flags page]. -All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your ArgoCD instance is setup, are set in the `config.argocd` values block. For instance: +All of the `argocd-` prefixed flags, which tell `argocd-image-updater` how your Argo CD instance is setup, are set in the `config.argocd` values block. For instance: ```yaml config: @@ -35,12 +35,12 @@ config: plaintext: true ``` -Any additional arguments mentioned on the [argocd-image-updater flags page](https://argocd-image-updater.readthedocs.io/en/stable/install/running/#flags) can be configured using the `extraArgs` value, like so. +Any additional arguments mentioned on the [argocd-image-updater flags page] can be configured using the `extraArgs` value, like so. -### ArgoCD API key +### Argo CD API key If you are unable to install Argo CD Image Updater into the same Kubernetes cluster you might configure it to use API of your Argo CD installation. -Please also read [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/). +Please also read [Configuration of Container Registries]. ```yaml config: @@ -52,7 +52,7 @@ If you specify a token value the secret will be created. ### Registries -ArgoCD Image Updater natively supports the following registries (as mentioned in [the documentation](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/)): +Argo CD Image Updater natively supports the following registries (as mentioned in [Configuration of Container Registries]): - Docker Hub - Google Container Registry @@ -60,7 +60,7 @@ ArgoCD Image Updater natively supports the following registries (as mentioned in - GitHub Container Registry - GitHub Docker Packages -If you need support for ECR, you can reference [this issue](https://github.com/argoproj-labs/argocd-image-updater/issues/112) for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. +If you need support for ECR, you can reference this issue, [Support ECR authentication], for configuration. You can use the `authScripts` values to configure the scripts that are needed to authenticate with ECR. The `config.registries` value can be used exactly as it looks in the documentation as it gets dumped directly into a configmap in this chart. @@ -71,3 +71,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [RelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +[secret setup documentation]: https://argocd-image-updater.readthedocs.io/en/stable/install/installation/#method-2-connect-using-argo-cd-api-server +[argocd-image-updater flags page]: https://argocd-image-updater.readthedocs.io/en/stable/install/reference/#flags +[Configuration of Container Registries]: https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/ +[Support ECR authentication]: https://github.com/argoproj-labs/argocd-image-updater/issues/112 diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 90498e269..4d4905726 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -77,9 +77,9 @@ config: serverAddress: "" # -- If specified, the certificate of the Argo CD API server is not verified. insecure: false - # -- If specified, use an unencrypted HTTP connection to the ArgoCD API instead of TLS. + # -- If specified, use an unencrypted HTTP connection to the Argo CD API instead of TLS. plaintext: false - # -- If specified, the secret with ArgoCD API key will be created. + # -- If specified, the secret with Argo CD API key will be created. token: "" # -- Disable kubernetes events @@ -94,10 +94,10 @@ config: # -- Changing the Git commit message gitCommitTemplate: "" - # -- ArgoCD Image Update log level + # -- Argo CD Image Update log level logLevel: "info" - # -- ArgoCD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) + # -- Argo CD Image Updater registries list configuration. More information [here](https://argocd-image-updater.readthedocs.io/en/stable/configuration/registries/) registries: [] # - name: Docker Hub # api_url: https://registry-1.docker.io @@ -122,7 +122,7 @@ config: # credentials: ext:/scripts/auth1.sh # credsexpire: 10h - # -- ArgoCD Image Updater ssh client parameter configuration. + # -- Argo CD Image Updater ssh client parameter configuration. sshConfig: {} # config: | From d1389a90b9906c5ad419b53ced3250ed4208f7ca Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 6 Jan 2024 13:17:33 +0900 Subject: [PATCH 349/373] chore(argo-workflows): Update doc for Argo Workflows server authentication (#2411) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 15 +++++++-------- charts/argo-workflows/README.md.gotmpl | 16 ++++++++-------- 3 files changed, 18 insertions(+), 19 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 15950d667..2bfb706d8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.3 +version: 0.40.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add instruction for SSO + - kind: changed + description: Update doc for Argo Workflows server authentication diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 81e653594..3a2a91d7e 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -56,11 +56,6 @@ spec: args: [ "hello world" ] ``` -### Argo Workflows Server SSO -In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. - -In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. - ## Installing the Chart To install the chart with the release name `my-release`: @@ -89,9 +84,12 @@ Please see the upstream [Operator Manual's High Availability page](https://argop This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. -### Workflow server authentication +### Argo Workflows server authentication + +Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means. +Please refer to [Argo Server Auth Mode] for more details. -By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting. +Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details. ## Values @@ -392,4 +390,5 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog -[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac +[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/ +[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index aa296179f..4d1ec4d5c 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -56,11 +56,6 @@ spec: args: [ "hello world" ] ``` -### Argo Workflows Server SSO -In order to enable SSO, please configure `.Values.server.sso` and `.Values.server.authMode`. - -In order to manage access levels, you can optionally add RBAC to SSO. Please refer [SSO RBAC] for more details. - ## Installing the Chart To install the chart with the release name `my-release`: @@ -89,9 +84,13 @@ Please see the upstream [Operator Manual's High Availability page](https://argop This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. -### Workflow server authentication +### Argo Workflows server authentication + +Argo Workflows server provides some choices for authentication mechanism and you can configure `.Values.server.authModes`. By default, authentication mode is `[server]`, for local development purposes or cases where your gateway authentication is covered by some other means. +Please refer to [Argo Server Auth Mode] for more details. + +Argo Workflows server also supports SSO and you can enable it to configure `.Values.server.sso` and `.Values.server.authModes`. In order to manage access levels, you can optionally add RBAC to SSO. Please refer to [SSO RBAC] for more details. -By default, the chart requires some kind of authentication mechanism. This adopts the [default behaviour from the Argo project](https://github.com/argoproj/argo-workflows/pull/5211) itself. However, for local development purposes, or cases where your gateway authentication is covered by some other means, you can set the authentication mode for the Argo server by setting the `server.extraArgs: [--auth-mode=server]`. There are a few additional comments in the values.yaml file itself, including commented-out settings to disable authentication on the server UI itself using the same `--auth-mode=server` setting. ## Values @@ -209,4 +208,5 @@ Fields to note: [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [changelog]: https://artifacthub.io/packages/helm/argo/argo-workflows?modal=changelog -[SSO RBAC]: https://argoproj.github.io/argo-workflows/argo-server-sso/#sso-rbac +[SSO RBAC]: https://argo-workflows.readthedocs.io/en/latest/argo-server-sso/ +[Argo Server Auth Mode]: https://argo-workflows.readthedocs.io/en/latest/argo-server-auth-mode/ From 9892e505f17a24fd13e1aef8248222e141887201 Mon Sep 17 00:00:00 2001 From: Brian Gottfried Date: Sat, 6 Jan 2024 22:30:45 -0600 Subject: [PATCH 350/373] feat(argo-rollouts): Add rollout plugin gloo platform rbac (#2404) * feat(argo-rollouts): Add rollout plugin gloo platform rbac Signed-off-by: Brian Gottfried * feat(argo-rollouts): Add rollout plugin gloo platform rbac information to README Signed-off-by: Brian Gottfried --------- Signed-off-by: Brian Gottfried Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/controller/clusterrole.yaml | 9 +++++++++ charts/argo-rollouts/templates/controller/role.yaml | 9 +++++++++ charts/argo-rollouts/values.yaml | 2 ++ 5 files changed, 24 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a879e08c7..caf26b587 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.4 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.0 +version: 2.34.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Allow setting log config for rollouts dashboard + - kind: added + description: Added Gloo Platform provider RBAC rules diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 23f25df74..3627de838 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -66,6 +66,7 @@ For full list of changes please check ArtifactHub [changelog]. | providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | | providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | | providerRBAC.providers.contour | bool | `true` | Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` | +| providerRBAC.providers.glooPlatform | bool | `true` | Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` | | providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | | providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | | providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 56afb5cb9..35fd82158 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -267,5 +267,14 @@ rules: - watch - update {{- end }} +{{- if .Values.providerRBAC.providers.glooPlatform }} + # Access needed when using the Gloo Platform provider +- apiGroups: + - networking.gloo.solo.io + resources: + - routetables + verbs: + - '*' +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index eb69db628..dc656cdee 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -256,5 +256,14 @@ rules: - get - update {{- end }} +{{- if .Values.providerRBAC.providers.glooPlatform }} + # Access needed when using the Gloo Platform provider +- apiGroups: + - networking.gloo.solo.io + resources: + - routetables + verbs: + - '*' +{{- end }} {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e7a5f1339..19ab340e2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -271,6 +271,8 @@ providerRBAC: apisix: true # -- Adds RBAC rules for the Contour provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-contour/blob/main/README.md` contour: true + # -- Adds RBAC rules for the Gloo Platform provider, see `https://github.com/argoproj-labs/rollouts-plugin-trafficrouter-glooplatform/blob/main/README.md` + glooPlatform: true dashboard: # -- Deploy dashboard server From 3a2645782ceaac12a19d630cd870dcf202cee9a2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Jan 2024 10:14:11 +0000 Subject: [PATCH 351/373] chore(argo-events): Update dependency argoproj/argo-events to v1.9.0 (#2417) * chore(argo-events): Update dependency argoproj/argo-events to v1.9.0 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index b9f441fe8..d219afc71 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.1 +appVersion: v1.9.0 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.1 +version: 2.4.2 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Events to v1.8.1 + description: Bump argo-events to v1.9.0 From 5aaa79be36e9a283a75a148d85ee44b41858e768 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 11 Jan 2024 16:20:25 +0900 Subject: [PATCH 352/373] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.3 (#2419) * chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.3 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2bfb706d8..54b893cf2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.2 +appVersion: v3.5.3 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.4 +version: 0.40.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update doc for Argo Workflows server authentication + description: Bump argo-workflows to v3.5.3 From 1cc80bfe107ccf24379ba71cf024311c8240ee89 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 Jan 2024 09:09:25 -0600 Subject: [PATCH 353/373] chore(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 (#2421) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e86279fa5..76b0264ce 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0 + uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 with: name: SARIF file path: results.sarif From 524089b9dfbcd78b26ec78a502dbe9ce1e1f6df7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 14 Jan 2024 17:10:59 +0900 Subject: [PATCH 354/373] chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.4 (#2422) * chore(argo-workflows): Update dependency argoproj/argo-workflows to v3.5.4 * Apply automatic changes Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 54b893cf2..ed2e3048f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.3 +appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.5 +version: 0.40.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-workflows to v3.5.3 + description: Bump argo-workflows to v3.5.4 From e6de8c47b9afaeb55aee532f35f9ed01c1323abb Mon Sep 17 00:00:00 2001 From: Aman Gupta Date: Mon, 15 Jan 2024 14:42:39 +0530 Subject: [PATCH 355/373] docs(argo-cd): Fix policy.csv block (#2423) * Minor Changes to policy.csv block Added Missing ':' Signed-off-by: Aman Gupta * Update Chart.yaml Signed-off-by: Aman Gupta * Update Changelog Signed-off-by: Aman Gupta --------- Signed-off-by: Aman Gupta --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 91dcac84f..42cfbcc25 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.52.1 +version: 5.52.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: DRY cleanup of ServiceAccounts + - kind: fixed + description: Missing colon for policy.csv block diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index bc93065ee..8b7253753 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -291,7 +291,7 @@ configs: # p, subject, resource, action, object, effect # Role definitions and bindings are in the form: # g, subject, inherited-subject - # policy.csv | + # policy.csv: | # p, role:org-admin, applications, *, */*, allow # p, role:org-admin, clusters, get, *, allow # p, role:org-admin, repositories, *, *, allow From d5b942a873af4fe0826d099895efa4fed476ecce Mon Sep 17 00:00:00 2001 From: Lucas Fernando Cardoso Nunes Date: Wed, 17 Jan 2024 04:56:17 -0300 Subject: [PATCH 356/373] docs(argo-workflows): fix wrong `artifactRepository` identations on values.yaml (#2426) * fix: wrong `artifactRepository` identations on values.yaml on `artifactRepository.gcs` the following 3 keys were in the same level: - `.serviceAccountKeySecret` - `.name` - `.key` Signed-off-by: Lucas Fernando Cardoso Nunes * Update Chart.yaml Signed-off-by: Lucas Fernando Cardoso Nunes --------- Signed-off-by: Lucas Fernando Cardoso Nunes --- charts/argo-workflows/Chart.yaml | 6 ++-- charts/argo-workflows/values.yaml | 58 +++++++++++++++---------------- 2 files changed, 32 insertions(+), 32 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ed2e3048f..f529072b8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.6 +version: 0.40.7 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-workflows to v3.5.4 + - kind: fixed + description: Wrong identation in artifactRepository block diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e64404398..570f59861 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -769,41 +769,41 @@ artifactRepository: # roleARN: # useSDKCreds: true # encryptionOptions: - # enableEncryption: true + # enableEncryption: true # -- Store artifact in a GCS object store # @default -- `{}` (See [values.yaml]) gcs: {} - # bucket: -argo - # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" - # serviceAccountKeySecret is a secret selector. - # It references the k8s secret named 'my-gcs-credentials'. - # This secret is expected to have have the key 'serviceAccountKey', - # containing the base64 encoded credentials - # to the bucket. - # - # If it's running on GKE and Workload Identity is used, - # serviceAccountKeySecret is not needed. - # serviceAccountKeySecret: - # name: my-gcs-credentials - # key: serviceAccountKey + # bucket: -argo + # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" + # # serviceAccountKeySecret is a secret selector. + # # It references the k8s secret named 'my-gcs-credentials'. + # # This secret is expected to have have the key 'serviceAccountKey', + # # containing the base64 encoded credentials + # # to the bucket. + # # + # # If it's running on GKE and Workload Identity is used, + # # serviceAccountKeySecret is not needed. + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey # -- Store artifact in Azure Blob Storage # @default -- `{}` (See [values.yaml]) azure: {} - # endpoint: https://mystorageaccountname.blob.core.windows.net - # container: my-container-name - # blobNameFormat: path/in/container - ## accountKeySecret is a secret selector. - ## It references the k8s secret named 'my-azure-storage-credentials'. - ## This secret is expected to have have the key 'account-access-key', - ## containing the base64 encoded credentials to the storage account. - ## If a managed identity has been assigned to the machines running the - ## workflow (e.g., https://docs.microsoft.com/en-us/azure/aks/use-managed-identity) - ## then accountKeySecret is not needed, and useSDKCreds should be - ## set to true instead: - # useSDKCreds: true - # accountKeySecret: - # name: my-azure-storage-credentials - # key: account-access-key + # endpoint: https://mystorageaccountname.blob.core.windows.net + # container: my-container-name + # blobNameFormat: path/in/container + # # accountKeySecret is a secret selector. + # # It references the k8s secret named 'my-azure-storage-credentials'. + # # This secret is expected to have have the key 'account-access-key', + # # containing the base64 encoded credentials to the storage account. + # # If a managed identity has been assigned to the machines running the + # # workflow (e.g., https://docs.microsoft.com/en-us/azure/aks/use-managed-identity) + # # then accountKeySecret is not needed, and useSDKCreds should be + # # set to true instead: + # useSDKCreds: true + # accountKeySecret: + # name: my-azure-storage-credentials + # key: account-access-key # -- The section of custom artifact repository. # Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) From e37093f273b1843a78e01268ca55777670f6b8a8 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 18 Jan 2024 15:21:37 +0900 Subject: [PATCH 357/373] feat(argocd-image-updater): Support extra K8s manifests (#2429) * feat(argocd-image-updater): Support extra K8s manifests Signed-off-by: yu-croco * chore(argocd-image-updater): add CI for extraObjects Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 8 ++--- charts/argocd-image-updater/README.md | 1 + .../ci/enable-extra-objects-values.yaml | 14 +++++++++ .../templates/extra-manifests.yaml | 8 +++++ charts/argocd-image-updater/values.yaml | 29 +++++++++++++++++++ 5 files changed, 55 insertions(+), 5 deletions(-) create mode 100644 charts/argocd-image-updater/ci/enable-extra-objects-values.yaml create mode 100644 charts/argocd-image-updater/templates/extra-manifests.yaml diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 203c6206c..613f76aa7 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.2 +version: 0.9.3 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -18,7 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Update outdated link on README - - kind: changed - description: Refactor README + - kind: added + description: Support extra K8s manifests diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 148a5073b..c62e480fc 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -86,6 +86,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | config.sshConfig | object | `{}` | Argo CD Image Updater ssh client parameter configuration. | | extraArgs | list | `[]` | Extra arguments for argocd-image-updater not defined in `config.argocd`. If a flag contains both key and value, they need to be split to a new entry | | extraEnv | list | `[]` | Extra environment variables for argocd-image-updater | +| extraObjects | list | `[]` | Extra K8s manifests to deploy for argocd-image-updater | | fullnameOverride | string | `""` | Global fullname (argocd-image-updater.fullname in _helpers.tpl) override | | image.pullPolicy | string | `"Always"` | Default image pull policy | | image.repository | string | `"quay.io/argoprojlabs/argocd-image-updater"` | Default image repository | diff --git a/charts/argocd-image-updater/ci/enable-extra-objects-values.yaml b/charts/argocd-image-updater/ci/enable-extra-objects-values.yaml new file mode 100644 index 000000000..8d18ecd30 --- /dev/null +++ b/charts/argocd-image-updater/ci/enable-extra-objects-values.yaml @@ -0,0 +1,14 @@ +# Test with extraObjects enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: datadog + type: Opaque + data: + address: aHR0cHM6Ly9hcGkuZGF0YWRvZ2hxLmNvbQo= # https://api.datadoghq.com + api-key: dGVzdC1hcGkta2V5Cg== # test-api-key + app-key: dGVzdC1hcHAta2V5Cg== # test-app-key diff --git a/charts/argocd-image-updater/templates/extra-manifests.yaml b/charts/argocd-image-updater/templates/extra-manifests.yaml new file mode 100644 index 000000000..fc9a76b88 --- /dev/null +++ b/charts/argocd-image-updater/templates/extra-manifests.yaml @@ -0,0 +1,8 @@ +{{ range .Values.extraObjects }} +--- +{{ if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} +{{ end }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 4d4905726..f06edf3b4 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -42,6 +42,35 @@ extraEnv: [] # - name: AWS_REGION # value: "us-west-1" +# -- Extra K8s manifests to deploy for argocd-image-updater +## Note: Supports use of custom Helm templates +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argocd-image-updater-secrets-store + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argocd-image-updater" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argocd-image-updater-secrets-store + # type: Opaque + # labels: + # app.kubernetes.io/part-of: argocd + # -- Init containers to add to the image updater pod initContainers: [] # - name: download-tools From 508162f1cc9852ccfbac6fb46b8e7c180d95d298 Mon Sep 17 00:00:00 2001 From: Michele Sacchetti Date: Thu, 18 Jan 2024 14:56:33 +0100 Subject: [PATCH 358/373] feat(argo-cd): Add optional mapping of argocd-repo-server emptydir to custom volumes (#2410) * Add optional volumes to replace emptydir Provide user-driven option to replace emptydir volumes with desired solution Signed-off-by: Michele Sacchetti * existingVolumes default values provide default values with empy object to ensure default behavior is backward-compatible Signed-off-by: Michele Sacchetti * Update Chart.yaml bump version Signed-off-by: Michele Sacchetti * Update Chart.yaml add changelog Signed-off-by: Michele Sacchetti * fix docs fix docs on new entry Signed-off-by: Michele Sacchetti * fix readme Signed-off-by: Michele Sacchetti * Update README.md.gotmpl Signoff commit Signed-off-by: Michele Sacchetti * fix readme Signed-off-by: Michele Sacchetti * fixCamelCase Signed-off-by: Michele Sacchetti --------- Signed-off-by: Michele Sacchetti --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 5 +++++ charts/argo-cd/README.md.gotmpl | 4 ++++ .../argocd-repo-server/deployment.yaml | 20 +++++++++++++++++++ charts/argo-cd/values.yaml | 18 +++++++++++++++++ 5 files changed, 50 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 42cfbcc25..6986775fe 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.52.2 +version: 5.53.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Missing colon for policy.csv block + - kind: added + description: Optionally map argocd-repo-server emptydir volumes on custom volumes diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 919149b51..ed421bb48 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.53.0 + +Argocd-repo-server can now optionally use Persistent Volumes for its mountpoints instead of only emptydir() + ### 5.52.0 Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. @@ -609,6 +613,7 @@ NAME: my-release | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | +| repoServer.existingVolumes | object | `{}` | Volumes to be used in replacement of emptydir on default volumes | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | | repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | | repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index ba94725f7..bb296e6a3 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.53.0 + +Argocd-repo-server can now optionally use Persistent Volumes for its mountpoints instead of only emptydir() + ### 5.52.0 Because [Argo CD Extensions] is now deprecated and no further changes will be made, we switched to [Argo CD Extension Installer], adding an Argo CD Extension Installer to init-container in the Argo CD API server. If you used old mechanism, please move to new mechanism. For more details, please refer `.Values.server.extensions` in values.yaml. diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a9565a2e5..2a18df6c8 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -373,14 +373,30 @@ spec: {{- end }} {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: helm-working-dir + {{- if .Values.repoServer.existingVolumes.helmWorkingDir -}} + {{ toYaml .Values.repoServer.existingVolumes.helmWorkingDir | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} {{- end }} - name: plugins + {{- if .Values.repoServer.existingVolumes.plugins -}} + {{ toYaml .Values.repoServer.existingVolumes.plugins | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: var-files + {{- if .Values.repoServer.existingVolumes.varFiles -}} + {{ toYaml .Values.repoServer.existingVolumes.varFiles | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: tmp + {{- if .Values.repoServer.existingVolumes.tmp -}} + {{ toYaml .Values.repoServer.existingVolumes.tmp | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: ssh-known-hosts configMap: name: argocd-ssh-known-hosts-cm @@ -391,7 +407,11 @@ spec: configMap: name: argocd-gpg-keys-cm - name: gpg-keyring + {{- if .Values.repoServer.existingVolumes.gpgKeyring -}} + {{ toYaml .Values.repoServer.existingVolumes.gpgKeyring | nindent 8 }} + {{- else }} emptyDir: {} + {{- end }} - name: argocd-repo-server-tls secret: secretName: argocd-repo-server-tls diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8b7253753..ab8c7d0af 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2217,6 +2217,24 @@ repoServer: # - name: cmp-tmp # emptyDir: {} + # -- Volumes to be used in replacement of emptydir on default volumes + existingVolumes: {} + # gpgKeyring: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-keyring + # helmWorkingDir: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-workdir + # tmp: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-tmp + # varFiles: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-varfiles + # plugins: + # persistentVolumeClaim: + # claimName: pvc-argocd-repo-server-plugins + # -- Toggle the usage of a ephemeral Helm working directory useEphemeralHelmWorkingDir: true From 0a851b87efd35640084a5aae09dc1103b0b3aad8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 06:48:24 +0100 Subject: [PATCH 359/373] chore(argo-cd): Update dependency argoproj/argo-cd to v2.9.4 (#2434) --- charts/argo-cd/Chart.yaml | 8 ++++---- .../templates/argocd-application-controller/role.yaml | 10 +++++++++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6986775fe..38cdee651 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.3 +appVersion: v2.9.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.0 +version: 5.53.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Optionally map argocd-repo-server emptydir volumes on custom volumes + - kind: changed + description: Bump argo-cd to v2.9.4 diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index 56ef17b5d..ea550e1fe 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -34,4 +34,12 @@ rules: - events verbs: - create - - list \ No newline at end of file + - list +- apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch From f2fa2ce9cb5e031225c360e53d32775ca9966a1d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 20:19:53 +0000 Subject: [PATCH 360/373] chore(argo-cd): Update dependency argoproj/argo-cd to v2.9.5 (#2436) --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 38cdee651..bd8560da0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9.4 +appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.1 +version: 5.53.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Bump argo-cd to v2.9.4 + description: Bump argo-cd to v2.9.5 From cc5b21f9adf064b1a60ee466ec727106f092badc Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 20 Jan 2024 21:07:38 +0900 Subject: [PATCH 361/373] docs(argo-cd): Add reference for Argo CD extensions (#2438) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/values.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd8560da0..33fc7c719 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.2 +version: 5.53.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Bump argo-cd to v2.9.5 + - kind: added + description: Add reference for Argo CD extensions. diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ab8c7d0af..3863513df 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1577,6 +1577,8 @@ server: ## Argo CD extensions ## This function in tech preview stage, do expect instability or breaking changes in newer versions. ## Ref: https://github.com/argoproj-labs/argocd-extension-installer + ## When you enable extensions, you need to configure RBAC of logged in Argo CD user. + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/#the-extensions-resource extensions: # -- Enable support for Argo CD extensions enabled: false From 1b5f7874227c3d4cd66f540cd471860a4a0e8003 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jan 2024 06:49:38 -0600 Subject: [PATCH 362/373] chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 (#2441) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 76b0264ce..ebce033bb 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: SARIF file path: results.sarif From be7ed3d232e6369e03c8600a44fea6fcb32aa0be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jan 2024 06:52:58 -0600 Subject: [PATCH 363/373] chore(deps): bump tj-actions/changed-files from 41.0.1 to 42.0.0 (#2440) --- .github/workflows/chart-version-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/chart-version-bump.yml b/.github/workflows/chart-version-bump.yml index 30bd26ee8..3f62f59bd 100644 --- a/.github/workflows/chart-version-bump.yml +++ b/.github/workflows/chart-version-bump.yml @@ -23,7 +23,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@716b1e13042866565e00e85fd4ec490e186c4a2f # v41.0.1 + uses: tj-actions/changed-files@ae82ed4ae04587b665efad2f206578aa6f0e8539 # v42.0.0 with: files: charts/{argo-workflows,argo-cd,argo-events,argo-rollouts,argocd-image-updater}/Chart.yaml From 9e31be4a603eabab31df4b570df6e727c9ff9991 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 21 Jan 2024 22:35:46 +0900 Subject: [PATCH 364/373] feat(argo-cd): Support Azure DevOps webhook Secret (#2439) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 ++++++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 33fc7c719..7bd023e12 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.3 +version: 5.53.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add reference for Argo CD extensions. + description: Support Azure DevOps webhook Secret diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ed421bb48..22218736f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -493,6 +493,8 @@ NAME: my-release | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | | configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | | configs.secret.argocdServerAdminPasswordMtime | string | `""` (defaults to current time) | Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` | +| configs.secret.azureDevops.password | string | `""` | Shared secret password for authenticating Azure DevOps webhook events | +| configs.secret.azureDevops.username | string | `""` | Shared secret username for authenticating Azure DevOps webhook events | | configs.secret.bitbucketServerSecret | string | `""` | Shared secret for authenticating BitbucketServer webhook events | | configs.secret.bitbucketUUID | string | `""` | UUID for authenticating Bitbucket webhook events | | configs.secret.createSecret | bool | `true` | Create the argocd-secret | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 1e69bcead..3011904a0 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -34,6 +34,10 @@ data: {{- with .Values.configs.secret.gogsSecret }} webhook.gogs.secret: {{ . | b64enc }} {{- end }} + {{- with .Values.configs.secret.azureDevops }} + webhook.azuredevops.username: {{ .username }} + webhook.azuredevops.password: {{ .password | b64enc }} + {{- end }} {{- with .Values.configs.secret.argocdServerTlsConfig }} tls.key: {{ .key | b64enc }} tls.crt: {{ .crt | b64enc }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3863513df..df03a58fa 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -516,6 +516,12 @@ configs: bitbucketUUID: "" # -- Shared secret for authenticating Gogs webhook events gogsSecret: "" + ## Azure DevOps + azureDevops: + # -- Shared secret username for authenticating Azure DevOps webhook events + username: "" + # -- Shared secret password for authenticating Azure DevOps webhook events + password: "" # -- add additional secrets to be added to argocd-secret ## Custom secrets. Useful for injecting SSO secrets into environment variables. From 53620e31022d27d0580e23ad600304e6be616130 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 22 Jan 2024 19:14:32 +0900 Subject: [PATCH 365/373] fix(argo-cd): Fix fail to render `.Values.configs.secret.azureDevops` (#2443) * fix(argo-cd): Fix fail to render `.Values.configs.secret.azureDevops` Signed-off-by: yu-croco * chore(argo-cd): Remove unnecessary comment Signed-off-by: yu-croco * fix(argo-cd): base64 username Signed-off-by: yu-croco * fix(argo-cd): correct syntax Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-configs/argocd-secret.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7bd023e12..bf53fe4f9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.4 +version: 5.53.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support Azure DevOps webhook Secret + - kind: fixed + description: Fix fail to render `.Values.configs.secret.azureDevops` diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 3011904a0..4561440a7 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} {{- end }} type: Opaque -{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} +{{- if or .Values.configs.secret.githubSecret (or .Values.configs.secret.gitlabSecret .Values.configs.secret.bitbucketUUID .Values.configs.secret.bitbucketServerSecret .Values.configs.secret.gogsSecret (and .Values.configs.secret.azureDevops.username .Values.configs.secret.azureDevops.password) .Values.configs.secret.argocdServerAdminPassword .Values.configs.secret.argocdServerTlsConfig .Values.configs.secret.extra) }} # Setting a blank data again will wipe admin password/key/cert data: {{- with .Values.configs.secret.githubSecret }} @@ -34,9 +34,9 @@ data: {{- with .Values.configs.secret.gogsSecret }} webhook.gogs.secret: {{ . | b64enc }} {{- end }} - {{- with .Values.configs.secret.azureDevops }} - webhook.azuredevops.username: {{ .username }} - webhook.azuredevops.password: {{ .password | b64enc }} + {{- if and .Values.configs.secret.azureDevops.username .Values.configs.secret.azureDevops.password }} + webhook.azuredevops.username: {{ .Values.configs.secret.azureDevops.username | b64enc }} + webhook.azuredevops.password: {{ .Values.configs.secret.azureDevops.password | b64enc }} {{- end }} {{- with .Values.configs.secret.argocdServerTlsConfig }} tls.key: {{ .key | b64enc }} From 5ac542fabb7db08f52f1551ccbcfc99f274596a6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 22 Jan 2024 22:09:08 +0900 Subject: [PATCH 366/373] chore(argo-cd): Provide Casbin matcher explicitly (#2445) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/values.yaml | 3 +++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf53fe4f9..c204c098f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.5 +version: 5.53.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix fail to render `.Values.configs.secret.azureDevops` + - kind: added + description: Provide Casbin matcher explicitly diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 22218736f..cab5f0544 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -485,6 +485,7 @@ NAME: my-release | configs.params.create | bool | `true` | Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. | | configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. | | configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... | +| configs.rbac."policy.matchMode" | string | `"glob"` | Matcher function for Casbin, `glob` for glob matcher and `regex` for regex matcher. | | configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | | configs.rbac.create | bool | `true` | Create the argocd-rbac-cm configmap with ([Argo CD RBAC policy]) definitions. If false, it is expected the configmap will be created by something else. Argo CD will not work if there is no configmap created with the name above. | | configs.rbac.scopes | string | `"[groups]"` | OIDC scopes to examine during rbac enforcement (in addition to `sub` scope). The scope value can be a string, or a list of strings. | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index df03a58fa..84da62d2d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -303,6 +303,9 @@ configs: # The scope value can be a string, or a list of strings. scopes: "[groups]" + # -- Matcher function for Casbin, `glob` for glob matcher and `regex` for regex matcher. + policy.matchMode: "glob" + # GnuPG public keys for commit verification ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ gpg: From c734875b81faa0e07bd567ebef4bb345d67a7d8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Estrela?= <6763969+joaoestrela@users.noreply.github.com> Date: Mon, 22 Jan 2024 23:54:49 +0000 Subject: [PATCH 367/373] chore(argo-cd): Change redis repository to public.ecr.aws (#2446) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: João Estrela --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c204c098f..10451acf6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.6 +version: 5.53.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Provide Casbin matcher explicitly + - kind: changed + description: Change redis repository to public.ecr.aws diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cab5f0544..0fe0c9660 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1041,7 +1041,7 @@ The main options are listed here: | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | -| redis-ha.image.repository | string | `"redis"` | Redis repository | +| redis-ha.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis-ha.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 84da62d2d..6ad0d4bfe 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1404,7 +1404,7 @@ redis-ha: ## Redis image image: # -- Redis repository - repository: redis + repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.13-alpine ## Prometheus redis-exporter sidecar From 9e70f24c64ee5fda44ce6c2edeeaa5bd73b8d7da Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Tue, 23 Jan 2024 01:07:30 +0000 Subject: [PATCH 368/373] docs(argo-cd): Update docs with the correct default for application.instanceLabelKey (#2447) docs: Update docs with the correct default for application.instanceLabelKey Signed-off-by: Matt Dainty --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 1 - 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 10451acf6..ab8d07cd3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.7 +version: 5.53.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Change redis repository to public.ecr.aws + description: Updated documented default value for application.instanceLabelKey. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0fe0c9660..88280075b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -450,7 +450,7 @@ NAME: my-release |-----|------|---------|-------------| | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | -| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | +| configs.cm."application.instanceLabelKey" | string | `"argocd.argoproj.io/instance"` | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6ad0d4bfe..58560eb59 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -161,7 +161,6 @@ configs: url: "" # -- The name of tracking label used by Argo CD for resource pruning - # @default -- Defaults to app.kubernetes.io/instance application.instanceLabelKey: argocd.argoproj.io/instance # -- Enable logs RBAC enforcement From 03c26fc21f804060559ee78f9b21459d6a513667 Mon Sep 17 00:00:00 2001 From: James Slater <844263+SlaterByte@users.noreply.github.com> Date: Wed, 24 Jan 2024 18:57:56 -0500 Subject: [PATCH 369/373] fix(argo-workflows): Fix trailing whitespace in controller ConfigMap (#2451) This commit addresses two places where trailing whitespace may be generated in the workflow-controller ConfigMap. When the value `.resourceRateLimit` is not null, a trailing whitespace is added after "resourceRateLimit:". This commit trims that whitespace. When the value `.sso.redirectUrl` is left as the default of empty string, a trailing whitespace is left after "redirectUrl:" as this value is not quoted. This commit pipes this value through `quote` to ensure this whitespace is no longer trailing and instead followed by `"` pair. The main motivation of this commit is to generate a workflow-controller ConfigMap that is properly pretty-printed, which trailing whitespace prevents. Signed-off-by: James Slater Co-authored-by: James Slater --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/controller/workflow-controller-config-map.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index f529072b8..50f603296 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.7 +version: 0.40.8 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Wrong identation in artifactRepository block + description: Remove trailing whitespace from `.resourceRateLimit` when value is set and `.sso.redirectUrl` when value is an empty string. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d3ad349b0..2d5ebdd04 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -19,7 +19,7 @@ data: parallelism: {{ .Values.controller.parallelism }} {{- end }} {{- if .Values.controller.resourceRateLimit }} - resourceRateLimit: {{ toYaml .Values.controller.resourceRateLimit | nindent 6 }} + resourceRateLimit: {{- toYaml .Values.controller.resourceRateLimit | nindent 6 }} {{- end }} {{- with .Values.controller.namespaceParallelism }} namespaceParallelism: {{ . }} @@ -141,7 +141,7 @@ data: clientSecret: name: {{ .Values.server.sso.clientSecret.name }} key: {{ .Values.server.sso.clientSecret.key }} - redirectUrl: {{ .Values.server.sso.redirectUrl }} + redirectUrl: {{ .Values.server.sso.redirectUrl | quote }} rbac: enabled: {{ .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.scopes }} From bc89bb5dd6b4c71e5eea38bffe808307ea76ea28 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 25 Jan 2024 16:07:29 +0900 Subject: [PATCH 370/373] docs(argocd-apps): Add deprecated note for Argo CD Extensions (#2449) * docs(argocd-apps): Add deprecated note for Argo CD Extensions Signed-off-by: yu-croco * fix(argocd-apps): Remove broken CI Signed-off-by: yu-croco * chore(argocd-apps): Bump minor version due to deprecation Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 6 +++--- charts/argocd-apps/README.md | 2 +- charts/argocd-apps/ci/extensions-values.yaml | 12 ------------ charts/argocd-apps/values.yaml | 2 +- 4 files changed, 5 insertions(+), 17 deletions(-) delete mode 100644 charts/argocd-apps/ci/extensions-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 5494db993..ecc79c3e7 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.4.1 +version: 1.5.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: syncOptions for applications + - kind: deprecated + description: Add deprecated note for Argo CD Extensions diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index 0e5bbbe25..2cc1541f1 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -30,7 +30,7 @@ $ helm install my-release argo/argocd-apps |-----|------|---------|-------------| | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | | applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | -| extensions | list | `[]` (See [values.yaml]) | Deploy Argo UI Extensions within this helm release | +| extensions | list | `[]` (See [values.yaml]) | DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. | | itemTemplates | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications/ApplicationSets/Projects within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | diff --git a/charts/argocd-apps/ci/extensions-values.yaml b/charts/argocd-apps/ci/extensions-values.yaml deleted file mode 100644 index 15a9fa73b..000000000 --- a/charts/argocd-apps/ci/extensions-values.yaml +++ /dev/null @@ -1,12 +0,0 @@ -# Test with extensions - -extensions: - - name: example - namespace: default - additionalLabels: {} - additionalAnnotations: {} - sources: - - git: - url: https://github.com/argoproj-labs/argocd-example-extension.git - - web: - url: https://github.com/argoproj-labs/argocd-example-extension/releases/download/v0.1.0/extension.tar diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index a79963692..fb31bde19 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -219,7 +219,7 @@ itemTemplates: [] # server: '{{`{{cluster}}`}}' # namespace: guestbook -# -- Deploy Argo UI Extensions within this helm release +# -- DEPRECATED - Please refer [Deprecation Notice](https://github.com/argoproj-labs/argocd-extensions?tab=readme-ov-file#deprecation-notice) for more info. # @default -- `[]` (See [values.yaml]) ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. ## Ref: https://github.com/argoproj-labs/argocd-extensions From 9bb5330eb8157c55fd34371c5056b5532fccb753 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Jan 2024 00:31:11 -0600 Subject: [PATCH 371/373] chore(argo-rollouts): Update dependency argoproj/argo-rollouts to v1.6.5 (#2453) --- charts/argo-rollouts/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index caf26b587..38882433e 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.4 +appVersion: v1.6.5 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.34.1 +version: 2.34.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Added Gloo Platform provider RBAC rules + - kind: changed + description: Bump argo-rollouts to v1.6.5 From 1de9659d1c3f8086a9c130d4bd80647e2ac556bf Mon Sep 17 00:00:00 2001 From: Ishan Sharma <38211728+ishuar@users.noreply.github.com> Date: Fri, 26 Jan 2024 08:35:45 +0100 Subject: [PATCH 372/373] fix(argo-cd): Fix Repo server `serviceaccount` label template (#2454) Signed-off-by: ishuar Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ab8d07cd3..5cb85cc29 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.9.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.53.8 +version: 5.53.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Updated documented default value for application.instanceLabelKey. + - kind: fixed + description: Fixed labels template for ArgoCD server service account. diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index 12f571fde..a8efe1e5a 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -13,7 +13,7 @@ metadata: {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- range $key, $value := .Values.server.serviceAccount.labels }} + {{- with .Values.server.serviceAccount.labels }} {{- toYaml . | nindent 4 }} {{- end }} {{- end }} From a2c964045a81b81477804b38f38be20c3c1af185 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 27 Jan 2024 06:02:37 +0900 Subject: [PATCH 373/373] docs(argo-workflows): Add MySQL persistence support explicitly on README (#2448) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 +- charts/argo-workflows/values.yaml | 14 +++++++++++++- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 50f603296..778b83f7f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.40.8 +version: 0.40.9 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Remove trailing whitespace from `.resourceRateLimit` when value is set and `.sso.redirectUrl` when value is an empty string. + - kind: added + description: Add MySQL persistence support explicitly on README diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 3a2a91d7e..fa730ddce 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -186,7 +186,7 @@ Fields to note: | controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | controller.parallelism | string | `nil` | parallelism dictates how many workflows can be running at the same time | | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | -| controller.persistence | object | `{}` | enable persistence using postgres | +| controller.persistence | object | `{}` | enable Workflow Archive to store the status of workflows. Postgres and MySQL (>= 5.7.8) are available. | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | | controller.podCleanupWorkers | string | `nil` | Number of pod cleanup workers | | controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 570f59861..101aafba8 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -146,7 +146,8 @@ controller: capabilities: drop: - ALL - # -- enable persistence using postgres + # -- enable Workflow Archive to store the status of workflows. Postgres and MySQL (>= 5.7.8) are available. + ## Ref: https://argo-workflows.readthedocs.io/en/latest/workflow-archive/ persistence: {} # connectionPool: # maxIdleConns: 100 @@ -171,6 +172,17 @@ controller: # # sslMode must be one of: disable, require, verify-ca, verify-full # # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq # sslMode: require + # mysql: + # host: localhost + # port: 3306 + # database: argo + # tableName: argo_workflows + # userNameSecret: + # name: argo-mysql-config + # key: username + # passwordSecret: + # name: argo-mysql-config + # key: password # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. # Only valid for 2.7+