From 1a55354bb80b59fc295e35e4cf2715eaab104c24 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 10:35:21 +0200 Subject: [PATCH 001/356] initialize argo-cd --- .github/configs/ct-install.yaml | 5 ++--- .github/configs/ct-lint.yaml | 5 ++--- .github/workflows/lint-and-test.yml | 17 ++++------------- charts/argo-cd/Chart.yaml | 2 +- 4 files changed, 9 insertions(+), 20 deletions(-) diff --git a/.github/configs/ct-install.yaml b/.github/configs/ct-install.yaml index df00bb1ef..d1b3cd36e 100644 --- a/.github/configs/ct-install.yaml +++ b/.github/configs/ct-install.yaml @@ -2,9 +2,8 @@ # Don't add the 'debug' attribute, otherwise the workflow won't work anymore # Only Used for the CT Install Stage remote: origin -target-branch: main -chart-dirs: - - charts +charts: +- charts/argo-cd chart-repos: - dandydeveloper=https://dandydeveloper.github.io/charts/ helm-extra-args: "--timeout 600s" diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 1e66067aa..9af3431d5 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -2,9 +2,8 @@ # Don't add the 'debug' attribute, otherwise the workflow won't work anymore # Only Used for the CT Lint Stage remote: origin -target-branch: main -chart-dirs: - - charts +charts: +- charts/argo-cd chart-repos: - dandydeveloper=https://dandydeveloper.github.io/charts/ helm-extra-args: "--timeout 600s" diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 605c9f9ee..5a7e2596e 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -35,14 +35,14 @@ jobs: id: list-changed run: | ## If executed with debug this won't work anymore. - changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) + changed=$(ct --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then echo "::set-output name=changed::true" echo "::set-output name=changed_charts::$charts" fi - name: Run chart-testing (lint) - run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml + run: ct lint --debug --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} --lint-conf ./.github/configs/lintconf.yaml - name: Run docs-testing (helm-docs) id: helm-docs @@ -62,15 +62,6 @@ jobs: with: config: .github/configs/kind-config.yaml - - name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions - if: | - contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || - contains(steps.list-changed.outputs.changed_charts, 'argocd-apps') - run: | - helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ - helm dependency build charts/argo-cd/ - helm template charts/argo-cd/ -s templates/crds/* | kubectl apply -f - - - name: Skip HPA tests of ArgoCD if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') run: | @@ -85,5 +76,5 @@ jobs: helm install redis bitnami/redis --wait --namespace redis --set auth.password=argocd --set architecture=standalone - name: Run chart-testing (install) - run: ct install --config ./.github/configs/ct-install.yaml - if: steps.list-changed.outputs.changed == 'true' + run: ct install --config ./.github/configs/ct-install.yaml --target-branch ${{ github.base_ref }} + if: steps.list-changed.outputs.changed == 'true' \ No newline at end of file diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 581189155..39f131cb0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0 +version: 5.7.0-cf-init home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: From 2a20c44088bb0c5676f36032e6301e157763f1f8 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 12:09:04 +0200 Subject: [PATCH 002/356] test --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 1 + charts/argo-events/templates/argo-events-controller/config.yaml | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 39f131cb0..9247be914 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0-cf-init +version: 5.7.0-cf-test1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 10c215410..cecc83f0a 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -1,3 +1,4 @@ +# TEST apiVersion: apps/v1 kind: Deployment metadata: diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 486fa3645..4fc95b9bc 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -1,3 +1,4 @@ +# Test1 apiVersion: v1 kind: ConfigMap metadata: From 0bd029838efe9c963f436f471e460c0238fe1803 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 12:11:45 +0200 Subject: [PATCH 003/356] changes to pipelines --- .github/workflows/publish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 901c2f63e..d709bbd67 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -3,7 +3,7 @@ name: Chart Publish on: push: branches: - - main + - argo-cd permissions: contents: read @@ -42,5 +42,6 @@ jobs: uses: helm/chart-releaser-action@v1.4.0 with: config: "./.github/configs/cr.yaml" + charts_dir: "charts/argo-cd" env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 2fdb695799c557eae03cadfd0a319f0f0f317d31 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 12:34:24 +0200 Subject: [PATCH 004/356] change to cf images --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/deployment.yaml | 1 - charts/argo-cd/values.yaml | 10 +++++----- .../templates/argo-events-controller/config.yaml | 1 - 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9247be914..f6b430082 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.15 +appVersion: v2.4.15-cap-CR-15677-rollout-rollback description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0-cf-test1 +version: 5.7.0-cf-initial home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cecc83f0a..10c215410 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -1,4 +1,3 @@ -# TEST apiVersion: apps/v1 kind: Deployment metadata: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 11b6d568b..707679c24 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -43,7 +43,7 @@ crds: global: image: # -- If defined, a repository applied to all Argo CD deployments - repository: quay.io/argoproj/argocd + repository: quay.io/codefresh/argocd # -- Overrides the global Argo CD image tag whose default is the chart appVersion tag: "" # -- If defined, a imagePullPolicy applied to all Argo CD deployments @@ -980,9 +980,9 @@ redis: ## Redis image image: # -- Redis repository - repository: public.ecr.aws/docker/library/redis + repository: quay.io/codefresh/redis # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.4-alpine # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent @@ -2046,10 +2046,10 @@ applicationSet: image: # -- Repository to use for the application set controller # @default -- `""` (defaults to global.image.repository) - repository: "" + repository: "quay.io/codefresh/applicationset" # -- Tag to use for the application set controller # @default -- `""` (defaults to global.image.tag) - tag: "" + tag: "v0.4.2-CR-13254-remove-private-logs" # -- Image pull policy for the application set controller # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 4fc95b9bc..486fa3645 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -1,4 +1,3 @@ -# Test1 apiVersion: v1 kind: ConfigMap metadata: From 26d1950138278ae44492affb6fc0e9422e223a59 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 12:37:48 +0200 Subject: [PATCH 005/356] fix doc --- charts/argo-cd/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f4a238ac9..19d4e5c1d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -354,7 +354,7 @@ NAME: my-release | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | -| global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | +| global.image.repository | string | `"quay.io/codefresh/argocd"` | If defined, a repository applied to all Argo CD deployments | | global.image.tag | string | `""` | Overrides the global Argo CD image tag whose default is the chart appVersion | | global.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | global.logging.format | string | `"text"` | Set the global logging format. Either: `text` or `json` | @@ -816,8 +816,8 @@ server: | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | -| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis.image.repository | string | `"quay.io/codefresh/redis"` | Redis repository | +| redis.image.tag | string | `"7.0.4-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | From 8c9f38a2572c11ec6b631cef23cafbe516f04976 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 12:55:50 +0200 Subject: [PATCH 006/356] disabled notifications controller --- charts/argo-cd/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 707679c24..b0f47019c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2259,7 +2259,7 @@ applicationSet: ## Notifications controller notifications: # -- Enable notifications controller - enabled: true + enabled: false # -- Notifications controller name string name: notifications-controller From d208bfd51a7c3ae3026bc955cd1b988c46724df8 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 12:57:02 +0200 Subject: [PATCH 007/356] disabled notifications controller --- charts/argo-cd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 19d4e5c1d..b71caef2e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1010,7 +1010,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | | notifications.containerSecurityContext | object | `{}` | Container Security Context | | notifications.context | object | `{}` | Define user-defined context | -| notifications.enabled | bool | `true` | Enable notifications controller | +| notifications.enabled | bool | `false` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | From 37484603eb7462258506545da678054d460892f3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 25 Dec 2022 20:06:09 +0900 Subject: [PATCH 008/356] chore(github): bump actions/stale from 6 to 7 (#1729) chore(deps): bump actions/stale from 6 to 7 Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3637ed8f4..3a8e77d1f 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v6 + - uses: actions/stale@v7 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From 833359e415b91afb1172ccaf8279e1757c63ea9b Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 13:54:04 +0200 Subject: [PATCH 009/356] adjust appset controller --- charts/argo-cd/templates/argocd-applicationset/deployment.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 2dbc5b70f..9b69d61d4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -37,7 +37,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} command: - entrypoint.sh - - argocd-applicationset-controller + {{/* Codefresh - change argocd-applicationset-controller to applicationset-controller*/}} + - applicationset-controller - --logformat - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} - --loglevel From c4d8b37fe49cfcfd09cbd693032ba54a0bc21403 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 25 Dec 2022 22:56:33 +0900 Subject: [PATCH 010/356] chore(argocd-apps): Add changelog link on README (#1731) Signed-off-by: yu-croco --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/README.md | 6 ++++++ charts/argocd-apps/README.md.gotmpl | 6 ++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 7a5840b72..4f2d82bef 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.5 +version: 0.0.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support sourceNamespaces for AppProject" + - "[Added]: Changelog link on README" diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index fc994888a..bc0d0685d 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late - CRDs (Application and AppProject) - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Installation ```console @@ -31,3 +35,5 @@ $ helm install my-release argo/argocd-apps ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog diff --git a/charts/argocd-apps/README.md.gotmpl b/charts/argocd-apps/README.md.gotmpl index 8d628693a..e8cb1c178 100644 --- a/charts/argocd-apps/README.md.gotmpl +++ b/charts/argocd-apps/README.md.gotmpl @@ -13,6 +13,10 @@ docker run --rm --volume "$(pwd):/helm-docs" -u $(id -u) jnorwood/helm-docs:late - CRDs (Application and AppProject) - You need to install them via [argo-cd Helm chart](../argo-cd) or upstream. +## Changelog + +For full list of changes, please check ArtifactHub [changelog]. + ## Installation ```console @@ -24,3 +28,5 @@ $ helm install my-release argo/argocd-apps ---------------------------------------------- Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + +[changelog]: https://artifacthub.io/packages/helm/argo/argocd-apps?modal=changelog From 7db4963d6a8974c4836f060f754afb6ff6da0183 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 18:42:56 +0200 Subject: [PATCH 011/356] init --- charts/argo-cd/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f6b430082..88a3a59c3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15-cap-CR-15677-rollout-rollback description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0-cf-initial +version: 5.7.0-cf-init home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: From 94287673363eff7c6003c2ae3e06f37766db9d1a Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 25 Dec 2022 18:43:30 +0200 Subject: [PATCH 012/356] init --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d709bbd67..63fe31cd7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -42,6 +42,6 @@ jobs: uses: helm/chart-releaser-action@v1.4.0 with: config: "./.github/configs/cr.yaml" - charts_dir: "charts/argo-cd" + #charts_dir: "charts/argo-cd" env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From d6f3465fb625dfb9f5559288d6e9e2de5881c072 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Mon, 26 Dec 2022 09:28:37 +0200 Subject: [PATCH 013/356] release specific chart only --- .github/workflows/publish.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 63fe31cd7..a7ba4081c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -33,15 +33,16 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@users.noreply.github.com" - ## This is required to consider the old Circle-CI Index and to stay compatible with all the old releases. - - name: Fetch current Chart Index + - name: Package chart run: | - git checkout origin/gh-pages index.yaml + rm -rf .cr-release-packages + mkdir .cr-release-packages + helm package charts/argo-cd -u -d .cr-release-packages/ - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.0 + uses: helm/chart-releaser-action@main with: config: "./.github/configs/cr.yaml" - #charts_dir: "charts/argo-cd" + skip_packaging: true env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 0694db8b41ed3ad2f6dec2f28f33e975c708fb08 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Mon, 26 Dec 2022 10:33:05 +0200 Subject: [PATCH 014/356] vers --- charts/argo-cd/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 88a3a59c3..ab174773d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.15-cap-CR-15677-rollout-rollback description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0-cf-init +version: 5.7.0-1-cf-init home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: From 2204f028b9ff0a17be888c923bbf7892f0458343 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 27 Dec 2022 21:12:04 +0900 Subject: [PATCH 015/356] chore(argo-cd): Update redis-ha to v4.22.4 (#1732) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 7a069ce95..a2a5011e3 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.3 -digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195 -generated: "2022-11-03T12:04:33.673857+09:00" + version: 4.22.4 +digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7 +generated: "2022-12-26T22:58:11.561184+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd3982a79..e8695ca38 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.9 +version: 5.16.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,9 +18,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.3 + version: 4.22.4 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support relabelings and metricRelabelings to Notification's ServiceMonitor" + - "[Changed]: Update redis-ha to v4.22.4" From fbc8cb263c7b6f53bb73fcab908a13c67b09b617 Mon Sep 17 00:00:00 2001 From: Boris Gershanik Date: Thu, 29 Dec 2022 13:49:10 +0200 Subject: [PATCH 016/356] feat(argo-cd): Add hostAliases to ApplicationSet Deployment (#1737) Signed-off-by: Boris Gershanik Signed-off-by: Boris Gershanik --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e8695ca38..236c39c68 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.10 +version: 5.16.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update redis-ha to v4.22.4" + - "[Added]: Added HostAliases to ApplicationSet Deployment" diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6c48fefb4..ce4cd8214 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -40,6 +40,10 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 6 }} + {{- end }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} From f6c884a0969ebe07e81b1204811dc1b4efc1511d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 16:47:29 +0100 Subject: [PATCH 017/356] chore(argo-cd): Remove legacy API versions for PDBs (#1740) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/_versions.tpl | 13 ------------- .../argocd-application-controller/pdb.yaml | 2 +- .../templates/argocd-applicationset/pdb.yaml | 2 +- .../argocd-notifications/bots/slack/pdb.yaml | 2 +- .../argo-cd/templates/argocd-notifications/pdb.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/pdb.yaml | 2 +- charts/argo-cd/templates/argocd-server/pdb.yaml | 2 +- charts/argo-cd/templates/dex/pdb.yaml | 2 +- charts/argo-cd/templates/redis/pdb.yaml | 2 +- charts/argo-cd/values.yaml | 2 -- 12 files changed, 10 insertions(+), 26 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 236c39c68..7e7b4d500 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.11 +version: 5.16.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added HostAliases to ApplicationSet Deployment" + - "[Removed]: API override for PDB" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 02a3a9a88..495277544 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -360,7 +360,6 @@ NAME: my-release | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | -| apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 2f2c61f9f..b3aa6a417 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -34,19 +34,6 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-cd.apiVersion.pdb" -}} -{{- if .Values.apiVersionOverrides.pdb -}} -{{- print .Values.apiVersionOverrides.pdb -}} -{{- else if semverCompare "<1.21-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for cert-manager */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index 8f2531ff3..b6804c549 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index d101d5768..51974356d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.applicationSet.enabled .Values.applicationSet.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml index 458af6f7e..60df983e8 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }}-bot diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index 711495a24..f1f32715c 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.notifications.enabled .Values.notifications.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 7202bd392..318671f02 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.repoServer.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 81d3367be..89c54c65b 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index caa2ab299..45bd00500 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.dex.enabled .Values.dex.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 57fb94b32..8be05f938 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -1,6 +1,6 @@ {{- $redisHa := index .Values "redis-ha" -}} {{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.pdb.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.pdb" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fbf429323..063f215b6 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -20,8 +20,6 @@ apiVersionOverrides: autoscaling: "" # autoscaling/v2 # -- String to override apiVersion of ingresses rendered by this helm chart ingress: "" # networking.k8s.io/v1beta1 - # -- String to override apiVersion of pod disruption budgets rendered by this helm chart - pdb: "" # policy/v1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles From 9c71f1cbabae17b365212377f7148b1484716d03 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 16:54:28 +0100 Subject: [PATCH 018/356] chore(argo-cd): Add pdrastil as Argo CD codeowner (#1743) Add pdrastil as Argo CD codeowner Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index c161dac36..aea8942f7 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -7,7 +7,7 @@ /charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth +/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil # Argo Events /charts/argo-events/ @jbehling @VaibhavPage @pdrastil From def1e657dabec9ed32704306354a209ee2044d83 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 29 Dec 2022 17:26:36 +0100 Subject: [PATCH 019/356] chore(argo-cd): Remove legacy API versions for Ingresses (#1742) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/_versions.tpl | 15 ----- .../webhook-ingress.yaml | 53 ++++++--------- .../templates/argocd-server/ingress-grpc.yaml | 57 ++++++----------- .../templates/argocd-server/ingress.yaml | 64 ++++++------------- charts/argo-cd/values.yaml | 30 ++------- 7 files changed, 66 insertions(+), 158 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e7b4d500..4867e68c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.12 +version: 5.16.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: API override for PDB" + - "[Removed]: Legacy API versions for Ingresses" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 495277544..03d9e7f7d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -359,7 +359,6 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | -| apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index b3aa6a417..8240c4b09 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -19,21 +19,6 @@ Return the appropriate apiVersion for autoscaling {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for ingress -*/}} -{{- define "argo-cd.apiVersion.ingress" -}} -{{- if .Values.apiVersionOverrides.ingress -}} -{{- print .Values.apiVersionOverrides.ingress -}} -{{- else if semverCompare "<1.14-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for cert-manager */}} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index affeec867..5285c6f2d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -1,89 +1,72 @@ {{- if and .Values.applicationSet.enabled .Values.applicationSet.webhook.ingress.enabled -}} -{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}} {{- $servicePort := .Values.applicationSet.service.portName -}} {{- $paths := .Values.applicationSet.webhook.ingress.paths -}} {{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}} {{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.applicationSet.webhook.ingress.annotations }} - annotations: - {{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.applicationSet.fullname" . }} + name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} - {{- if .Values.applicationSet.webhook.ingress.labels }} - {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }} + {{- with .Values.applicationSet.webhook.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.applicationSet.webhook.ingress.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.applicationSet.webhook.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.applicationSet.webhook.ingress.hosts }} {{- range $host := .Values.applicationSet.webhook.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.applicationSet.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.applicationSet.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.applicationSet.webhook.ingress.tls }} + {{- with .Values.applicationSet.webhook.ingress.tls }} tls: - {{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index 543040075..b728a11ba 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -1,89 +1,72 @@ {{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}} -{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}} {{- $paths := .Values.server.ingressGrpc.paths -}} {{- $extraPaths := .Values.server.ingressGrpc.extraPaths -}} {{- $pathType := .Values.server.ingressGrpc.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.server.ingressGrpc.annotations }} - annotations: - {{- range $key, $value := .Values.server.ingressGrpc.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }}-grpc + name: {{ include "argo-cd.server.fullname" . }}-grpc labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.ingressGrpc.labels }} - {{- toYaml .Values.server.ingressGrpc.labels | nindent 4 }} + {{- with .Values.server.ingressGrpc.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.server.ingressGrpc.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingressGrpc.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.server.ingressGrpc.hosts }} {{- range $host := .Values.server.ingressGrpc.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} - {{- end -}} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.server.ingressGrpc.tls }} + {{- with .Values.server.ingressGrpc.tls }} tls: - {{- toYaml .Values.server.ingressGrpc.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index aeb60d242..52269d0a1 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -1,51 +1,45 @@ {{- if .Values.server.ingress.enabled -}} -{{- $serviceName := include "argo-cd.server.fullname" . -}} {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingress.https -}} {{- $paths := .Values.server.ingress.paths -}} {{- $extraPaths := .Values.server.ingress.extraPaths -}} {{- $pathType := .Values.server.ingress.pathType -}} -apiVersion: {{ include "argo-cd.apiVersion.ingress" . }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: -{{- if .Values.server.ingress.annotations }} + name: {{ include "argo-cd.server.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- with .Values.server.ingress.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if .Values.server.ingress.annotations }} annotations: - {{- range $key, $value := .Values.server.ingress.annotations }} + {{- range $key, $value := .Values.server.ingress.annotations }} {{ $key }}: {{ $value | quote }} - {{- end }} - {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} + {{- end }} + {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }} alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: | [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}] - {{- end }} -{{- end }} - name: {{ template "argo-cd.server.fullname" . }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} - {{- if .Values.server.ingress.labels }} - {{- toYaml .Values.server.ingress.labels | nindent 4 }} {{- end }} + {{- end }} spec: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} {{- with .Values.server.ingress.ingressClassName }} ingressClassName: {{ . }} {{- end }} - {{- end }} rules: {{- if .Values.server.ingress.hosts }} {{- range $host := .Values.server.ingress.hosts }} - host: {{ $host }} http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: Prefix - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: name: {{ template "argo-cd.server.fullname" $ }}-grpc port: @@ -54,60 +48,42 @@ spec: {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc - servicePort: {{ $servicePort }} - {{- end }} {{- end }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} {{- else }} - http: paths: - {{- if $extraPaths }} - {{- toYaml $extraPaths | nindent 10 }} + {{- with $extraPaths }} + {{- toYaml . | nindent 10 }} {{- end }} {{- range $p := $paths }} - path: {{ $p }} - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} pathType: {{ $pathType }} - {{- end }} backend: - {{- if eq (include "argo-cd.apiVersion.ingress" $) "networking.k8s.io/v1" }} service: - name: {{ $serviceName }} + name: {{ include "argo-cd.server.fullname" $ }} port: {{- if kindIs "float64" $servicePort }} number: {{ $servicePort }} {{- else }} name: {{ $servicePort }} {{- end }} - {{- else }} - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - {{- end }} {{- end -}} {{- end -}} - {{- if .Values.server.ingress.tls }} + {{- with .Values.server.ingress.tls }} tls: - {{- toYaml .Values.server.ingress.tls | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 063f215b6..8228f29e2 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -18,8 +18,6 @@ apiVersionOverrides: cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 - # -- String to override apiVersion of ingresses rendered by this helm chart - ingress: "" # networking.k8s.io/v1beta1 # -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -1590,8 +1588,7 @@ server: ## Argo Ingress. ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace - hosts: - [] + hosts: [] # - argocd.example.com # -- List of ingress paths @@ -1600,13 +1597,7 @@ server: # -- Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix # -- Additional ingress paths - extraPaths: - [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + extraPaths: [] # - path: /* # pathType: Prefix # backend: @@ -1616,8 +1607,7 @@ server: # name: use-annotation # -- Ingress TLS configuration - tls: - [] + tls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com @@ -1656,8 +1646,7 @@ server: ## Hostnames must be provided if Ingress is enabled. ## Secrets must be manually created in the namespace ## - hosts: - [] + hosts: [] # - argocd.example.com # -- List of ingress paths for dedicated [gRPC-ingress] @@ -1666,13 +1655,7 @@ server: # -- Ingress path type for dedicated [gRPC-ingress]. One of `Exact`, `Prefix` or `ImplementationSpecific` pathType: Prefix # -- Additional ingress paths for dedicated [gRPC-ingress] - extraPaths: - [] - # - path: /* - # backend: - # serviceName: ssl-redirect - # servicePort: use-annotation - ## for Kubernetes >=1.19 (when "networking.k8s.io/v1" is used) + extraPaths: [] # - path: /* # pathType: Prefix # backend: @@ -1682,8 +1665,7 @@ server: # name: use-annotation # -- Ingress TLS configuration for dedicated [gRPC-ingress] - tls: - [] + tls: [] # - secretName: your-certificate-name # hosts: # - argocd.example.com From 10e3af1bcfea41c12e6894400e8f098a98f45c1c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 30 Dec 2022 01:31:39 +0900 Subject: [PATCH 020/356] chore(argo-workflows): Remove legacy API versions for PDBs (#1741) Signed-off-by: yu-croco Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 ----------- .../workflow-controller-deployment-pdb.yaml | 2 +- .../templates/server/server-deployment-pdb.yaml | 2 +- 4 files changed, 4 insertions(+), 15 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c775ebc51..32108003c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.4 +version: 0.22.5 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Changelog link on README" + - "[Removed]: legacy API versions for PDBs" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index a3ce89349..057ed5f9c 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -129,17 +129,6 @@ Return the appropriate apiVersion for ingress {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for pod disruption budget -*/}} -{{- define "argo-workflows.podDisruptionBudget.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "argo-workflows.kubeVersion" $) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - {{/* Return the target Kubernetes version */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index deef3de14..4e7545c73 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if .Values.controller.pdb.enabled }} -apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index 47be0dd16..d92a40830 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.pdb.enabled -}} -apiVersion: {{ include "argo-workflows.podDisruptionBudget.apiVersion" . }} +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} From daba66b68c69d37db2fe878f9df4a902978ff479 Mon Sep 17 00:00:00 2001 From: Ramin A Date: Thu, 29 Dec 2022 09:55:31 -0800 Subject: [PATCH 021/356] fix(argo-events): Added missing NATS version in values.yaml (#1735) Signed-off-by: Ramin Akhbari Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 4 ++-- charts/argo-events/README.md | 2 +- charts/argo-events/values.yaml | 4 ++++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 91b748004..ece10ef88 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.10 +version: 2.0.11 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Argo events controller to v1.7.4" + - "[Fixed]: Added missing NATS version in values.yaml" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 30f26f30c..39b46bf55 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -57,7 +57,7 @@ done | configs.jetstream.versions[0].natsImage | string | `"nats:latest"` | | | configs.jetstream.versions[0].startCommand | string | `"/nats-server"` | | | configs.jetstream.versions[0].version | string | `"latest"` | | -| configs.nats.versions | list | `[{"metricsExporterImage":"natsio/prometheus-nats-exporter:latest","natsStreamingImage":"nats-streaming:latest","version":"latest"}]` | Supported versions of NATS event bus | +| configs.nats.versions | list | See [values.yaml] | Supported versions of NATS event bus | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 094a3638b..c24368512 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -62,10 +62,14 @@ configs: ## NATS event bus nats: # -- Supported versions of NATS event bus + # @default -- See [values.yaml] versions: - version: latest natsStreamingImage: nats-streaming:latest metricsExporterImage: natsio/prometheus-nats-exporter:latest + - version: 0.22.1 + natsStreamingImage: nats-streaming:0.22.1 + metricsExporterImage: natsio/prometheus-nats-exporter:0.8.0 ## JetStream event bus jetstream: From 5bd70fbd24f7303c58e388370144a5cb8f64964d Mon Sep 17 00:00:00 2001 From: huiwq1990 Date: Fri, 30 Dec 2022 13:20:47 +0800 Subject: [PATCH 022/356] feat(argo-workflows): add envFrom for main container (#1736) Signed-off-by: huiwq1990 Signed-off-by: huiwq1990 --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../templates/controller/workflow-controller-config-map.yaml | 5 ++++- charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 32108003c..c317d0539 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.5 +version: 0.22.6 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Removed]: legacy API versions for PDBs" + - "[Added]: Suuport envFrom for main container" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 4c172f297..42a1e51c8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -153,6 +153,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | mainContainer.env | list | `[]` | Adds environment variables for the Workflow main container | +| mainContainer.envFrom | list | `[]` | Adds reference environment variables for the Workflow main container | | mainContainer.imagePullPolicy | string | `""` | imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. | | mainContainer.resources | object | `{}` | Resource limits and requests for the Workflow main container | | mainContainer.securityContext | object | `{}` | sets security context for the Workflow main container | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ea4660e0c..1193163af 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -25,7 +25,7 @@ data: {{- with .Values.controller.initialDelay }} initialDelay: {{ . }} {{- end }} - {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.securityContext}} + {{- if or .Values.mainContainer.resources .Values.mainContainer.env .Values.mainContainer.envFrom .Values.mainContainer.securityContext}} mainContainer: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.mainContainer.imagePullPolicy }} {{- with .Values.mainContainer.resources }} @@ -34,6 +34,9 @@ data: {{- with .Values.mainContainer.env }} env: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.mainContainer.envFrom }} + envFrom: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.mainContainer.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3f643906a..034c662af 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -324,6 +324,8 @@ mainContainer: resources: {} # -- Adds environment variables for the Workflow main container env: [] + # -- Adds reference environment variables for the Workflow main container + envFrom: [] # -- sets security context for the Workflow main container securityContext: {} From 4b8703db7571b4131262640be1e0fa3efbfcffb6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 3 Jan 2023 10:46:01 +0900 Subject: [PATCH 023/356] chore(argo-workflows): Support podGCDeleteDelayDuration and podGCGracePeriodSeconds (#1728) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-config-map.yaml | 6 ++++++ charts/argo-workflows/values.yaml | 8 ++++++++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c317d0539..61c78e11b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.6 +version: 0.22.7 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Suuport envFrom for main container" + - "[Added]: Support podGCDeleteDelayDuration and podGCGracePeriodSeconds" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 42a1e51c8..19bc0ee21 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -111,6 +111,8 @@ Fields to note: | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | | controller.persistence | object | `{}` | enable persistence using postgres | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | +| controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 1193163af..125f48d37 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -181,3 +181,9 @@ data: {{- with .Values.controller.kubeConfig }} kubeConfig: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.podGCGracePeriodSeconds }} + podGCGracePeriodSeconds: {{ . }} + {{- end }} + {{- with .Values.controller.podGCDeleteDelayDuration }} + podGCDeleteDelayDuration: {{ . }} + {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 034c662af..bb102c8be 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -316,6 +316,14 @@ controller: # # volume name when mounting the secret, default to kubeconfig # volumeName: kube-config-volume + # -- Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. + # @default -- `30` seconds (Kubernetes default) + podGCGracePeriodSeconds: + + # -- The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. + # @default -- `5s` (Argo Workflows default) + podGCDeleteDelayDuration: "" + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. From 45861fadb78bc79456b97f636a5ab05bf1b8890a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 4 Jan 2023 10:49:30 +0100 Subject: [PATCH 024/356] docs(argo-cd): Improve documentation for extra containers (#1747) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 725 +++++++++++++++++-------------------- 3 files changed, 343 insertions(+), 390 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4867e68c2..a3f338f0c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.13 +version: 5.16.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Removed]: Legacy API versions for Ingresses" + - "[Docs]: Added sample how to provide K8s credentials plugin" + - "[Docs]: Added sample how to provide Argo config management plugin" + - "[Docs]: Removed samples that injects tools into incorrect controllers" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 03d9e7f7d..f71184f36 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | -| server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | +| server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | | server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 8228f29e2..010d7cbe0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -520,14 +520,6 @@ controller: # # -- define the application controller `--repo-server-timeout-seconds` # repoServerTimeoutSeconds: "60" - # DEPRECATED - Use configs.params to override - # -- Application controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - # logFormat: "" - # -- Application controller log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.level) - # logLevel: "" - # -- Additional command line arguments to pass to application controller extraArgs: [] @@ -542,6 +534,35 @@ controller: # - secretRef: # name: secret-name + # -- Additional containers to be added to the application controller pod + extraContainers: [] + + # -- Init containers to add to the application controller pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the server pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the application controller main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the application controller pod + volumes: [] + # - name: custom-tools + # emptyDir: {} + # -- Annotations for the application controller StatefulSet statefulsetAnnotations: {} @@ -551,6 +572,15 @@ controller: # -- Labels to be added to application controller pods podLabels: {} + # -- Resource limits and requests for the application controller pods + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -580,12 +610,6 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the application controller main container - volumeMounts: [] - - # -- Additional volumes to the application controller pod - volumes: [] - # -- [Node selector] nodeSelector: {} @@ -606,15 +630,6 @@ controller: # -- Priority class for the application controller pods priorityClassName: "" - # -- Resource limits and requests for the application controller pods - resources: {} - # limits: - # cpu: 500m - # memory: 512Mi - # requests: - # cpu: 250m - # memory: 256Mi - serviceAccount: # -- Create a service account for the application controller create: true @@ -716,28 +731,6 @@ controller: # -- List of custom rules for the application controller's ClusterRole resource rules: [] - # -- Additional containers to be added to the application controller pod - extraContainers: [] - - # -- Init containers to add to the application controller pod - ## If your target Kubernetes cluster(s) require a custom auth provider executable - ## you could use this (and the same in the server pod) to bootstrap - ## that executable into your Argo CD container - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## Dex dex: # -- Enable dex @@ -835,6 +828,18 @@ dex: # - secretRef: # name: secret-name + # -- Additional containers to be added to the dex pod + extraContainers: [] + + # -- Init containers to add to the dex pod + initContainers: [] + + # -- Additional volumeMounts to the dex main container + volumeMounts: [] + + # -- Additional volumes to the dex pod + volumes: [] + # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-dex-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart Dex automatically without extra controllers. @@ -861,6 +866,15 @@ dex: # -- Labels to be added to the Dex server pods podLabels: {} + # -- Resource limits and requests for dex + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -912,12 +926,6 @@ dex: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Additional volumeMounts to the dex main container - volumeMounts: [] - - # -- Additional volumes to the dex pod - volumes: [] - # -- Container port for HTTP access containerPortHttp: 5556 # -- Service port for HTTP access @@ -953,34 +961,6 @@ dex: # -- Priority class for dex priorityClassName: "" - # -- Resource limits and requests for dex - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi - - # -- Additional containers to be added to the dex pod - extraContainers: [] - - # -- Init containers to add to the dex pod - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## Redis redis: # -- Enable redis @@ -1022,11 +1002,6 @@ redis: # - --bind # - "0.0.0.0" - # -- Redis container port - containerPort: 6379 - # -- Redis service port - servicePort: 6379 - # -- Environment variables to pass to the Redis server env: [] @@ -1038,6 +1013,18 @@ redis: # - secretRef: # name: secret-name + # -- Additional containers to be added to the redis pod + extraContainers: [] + + # -- Init containers to add to the redis pod + initContainers: [] + + # -- Additional volumeMounts to the redis container + volumeMounts: [] + + # -- Additional volumes to the redis pod + volumes: [] + # -- Annotations to be added to the Redis server Deployment deploymentAnnotations: {} @@ -1047,6 +1034,15 @@ redis: # -- Labels to be added to the Redis server pods podLabels: {} + # -- Resource limits and requests for redis + resources: {} + # limits: + # cpu: 200m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 64Mi + # -- Redis pod-level security context # @default -- See [values.yaml] securityContext: @@ -1063,10 +1059,17 @@ redis: drop: - ALL + # -- Redis container port + containerPort: 6379 + # -- Redis service port + servicePort: 6379 + # -- [Node selector] nodeSelector: {} + # -- [Tolerations] for use with node taints tolerations: [] + # -- Assign custom [affinity] rules to the deployment affinity: {} @@ -1091,39 +1094,6 @@ redis: # -- Automount API credentials for the Service Account automountServiceAccountToken: false - # -- Resource limits and requests for redis - resources: {} - # limits: - # cpu: 200m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 64Mi - - # -- Additional volumeMounts to the redis container - volumeMounts: [] - # -- Additional volumes to the redis pod - volumes: [] - - # -- Additional containers to be added to the redis pod - extraContainers: [] - - # -- Init containers to add to the redis pod - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - service: # -- Redis service annotations annotations: {} @@ -1200,7 +1170,6 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} - # This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) # the custom redis deployment is omitted # Check the redis-ha chart for more properties @@ -1347,13 +1316,93 @@ server: # -- Specify postStart and preStop lifecycle hooks for your argo-cd-server container lifecycle: {} - # DEPRECATED - Use configs.params to override - # -- Argo CD server log format: Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - # logFormat: "" - # -- Argo CD server log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.level) - # logLevel: "" + ## Argo UI extensions + ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## Ref: https://github.com/argoproj-labs/argocd-extensions + extensions: + # -- Enable support for Argo UI extensions + enabled: false + + ## Argo UI extensions image + image: + # -- Repository to use for extensions image + repository: "ghcr.io/argoproj-labs/argocd-extensions" + # -- Tag to use for extensions image + tag: "v0.1.0" + # -- Image pull policy for extensions + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Server UI extensions container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # -- Resource limits and requests for the argocd-extensions container + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + + # -- Additional containers to be added to the server pod + ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + extraContainers: [] + # - name: my-sidecar + # image: nginx:latest + # - name: lemonldap-ng-controller + # image: lemonldapng/lemonldap-ng-controller:0.2.0 + # args: + # - /lemonldap-ng-controller + # - --alsologtostderr + # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration + # env: + # - name: POD_NAME + # valueFrom: + # fieldRef: + # fieldPath: metadata.name + # - name: POD_NAMESPACE + # valueFrom: + # fieldRef: + # fieldPath: metadata.namespace + # volumeMounts: + # - name: copy-portal-skins + # mountPath: /srv/var/lib/lemonldap-ng/portal/skins + + # -- Init containers to add to the server pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the application controller pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the server main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the server pod + volumes: [] + # - name: custom-tools + # emptyDir: {} # -- Annotations to be added to server Deployment deploymentAnnotations: {} @@ -1364,6 +1413,15 @@ server: # -- Labels to be added to server pods podLabels: {} + # -- Resource limits and requests for the Argo CD server + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 50m + # memory: 64Mi + # -- Configures the server port containerPort: 8080 @@ -1392,12 +1450,6 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the server main container - volumeMounts: [] - - # -- Additional volumes to the server pod - volumes: [] - # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1428,15 +1480,6 @@ server: drop: - ALL - # -- Resource limits and requests for the Argo CD server - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 50m - # memory: 64Mi - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -1700,112 +1743,32 @@ server: enabled: false # -- [BackendConfigSpec] spec: {} - # spec: - # iap: - # enabled: true - # oauthclientCredentials: - # secretName: argocd-secret - - ## Create a Google Managed Certificate for use with the GKE Ingress Controller - ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs - GKEmanagedCertificate: - # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. - enabled: false - # -- Domains for the Google Managed Certificate - domains: - - argocd.example.com - - ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller - ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters - GKEfrontendConfig: - # -- Enable FrontConfig custom resource for Google Kubernetes Engine - enabled: false - # -- [FrontendConfigSpec] - spec: {} - # spec: - # redirectToHttps: - # enabled: true - # responseCodeName: RESPONSE_CODE - - # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. - extraContainers: [] - # - name: my-sidecar - # image: nginx:latest - # - name: lemonldap-ng-controller - # image: lemonldapng/lemonldap-ng-controller:0.2.0 - # args: - # - /lemonldap-ng-controller - # - --alsologtostderr - # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration - # env: - # - name: POD_NAME - # valueFrom: - # fieldRef: - # fieldPath: metadata.name - # - name: POD_NAMESPACE - # valueFrom: - # fieldRef: - # fieldPath: metadata.namespace - # volumeMounts: - # - name: copy-portal-skins - # mountPath: /srv/var/lib/lemonldap-ng/portal/skins - - # -- Init containers to add to the server pod - ## If your target Kubernetes cluster(s) require a custom auth provider executable - ## you could use this (and the same in the application controller pod) to bootstrap - ## that executable into your Argo CD container - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - - ## Argo UI extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. - ## Ref: https://github.com/argoproj-labs/argocd-extensions - extensions: - # -- Enable support for Argo UI extensions - enabled: false - - ## Argo UI extensions image - image: - # -- Repository to use for extensions image - repository: "ghcr.io/argoproj-labs/argocd-extensions" - # -- Tag to use for extensions image - tag: "v0.1.0" - # -- Image pull policy for extensions - imagePullPolicy: IfNotPresent - - # -- Server UI extensions container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL + # spec: + # iap: + # enabled: true + # oauthclientCredentials: + # secretName: argocd-secret - # -- Resource limits and requests for the argocd-extensions container - resources: {} - # limits: - # cpu: 50m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 64Mi + ## Create a Google Managed Certificate for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs + GKEmanagedCertificate: + # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. + enabled: false + # -- Domains for the Google Managed Certificate + domains: + - argocd.example.com + + ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + GKEfrontendConfig: + # -- Enable FrontConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [FrontendConfigSpec] + spec: {} + # spec: + # redirectToHttps: + # enabled: true + # responseCodeName: RESPONSE_CODE ## Repo Server repoServer: @@ -1863,13 +1826,13 @@ repoServer: image: # -- Repository to use for the repo server # @default -- `""` (defaults to global.image.repository) - repository: "" # defaults to global.image.repository + repository: "" # -- Tag to use for the repo server # @default -- `""` (defaults to global.image.tag) - tag: "" # defaults to global.image.tag + tag: "" # -- Image pull policy for the repo server # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" # IfNotPresent + imagePullPolicy: "" # -- Secrets with credentials to pull images from a private registry # @default -- `[]` (defaults to global.imagePullSecrets) @@ -1889,13 +1852,43 @@ repoServer: # - secretRef: # name: secret-name - # DEPRECATED - Use configs.params to override - # -- Repo server log format: Either `text` or `json` - # @default -- `""` (defaults to global.logging.level) - # logFormat: "" - # -- Repo server log level. One of: `debug`, `info`, `warn` or `error` - # @default -- `""` (defaults to global.logging.format) - # logLevel: "" + # -- Additional containers to be added to the repo server pod + ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + extraContainers: [] + # - name: cmp + # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server + # command: [/var/run/argocd/argocd-cmp-server] + # image: busybox # This can be off-the-shelf or custom-built image + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: plugin.yaml + # name: cmp-plugin + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp + + # -- Init containers to add to the repo server pods + initContainers: [] + + # -- Additional volumeMounts to the repo server main container + volumeMounts: [] + + # -- Additional volumes to the repo server pod + volumes: [] + # - name: cmp-plugin + # configMap: + # name: cmp-plugin + # - name: cmp-tmp + # emptyDir: {} # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} @@ -1906,6 +1899,15 @@ repoServer: # -- Labels to be added to repo server pods podLabels: {} + # -- Resource limits and requests for the repo server pods + resources: {} + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 64Mi + # -- Configures the repo server port containerPort: 8081 @@ -1934,17 +1936,6 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - # -- Additional volumeMounts to the repo server main container - volumeMounts: [] - - # -- Additional volumes to the repo server pod - volumes: [] - ## Use init containers to configure custom tooling - ## https://argo-cd.readthedocs.io/en/stable/operator-manual/custom_tools/ - ## When using the volumes & volumeMounts section bellow, please comment out those above. - # - name: custom-tools - # emptyDir: {} - # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1975,15 +1966,6 @@ repoServer: drop: - ALL - # -- Resource limits and requests for the repo server pods - resources: {} - # limits: - # cpu: 50m - # memory: 128Mi - # requests: - # cpu: 10m - # memory: 64Mi - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. @@ -2077,9 +2059,6 @@ repoServer: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Additional containers to be added to the repo server pod - extraContainers: [] - # -- Repo server rbac rules rbac: [] # - apiGroups: @@ -2091,22 +2070,6 @@ repoServer: # - list # - watch - # -- Init containers to add to the repo server pods - initContainers: [] - # - name: download-tools - # image: alpine:3.8 - # command: [sh, -c] - # args: - # - wget -qO- https://get.helm.sh/helm-v2.16.1-linux-amd64.tar.gz | tar -xvzf - && - # mv linux-amd64/helm /custom-tools/ - # volumeMounts: - # - mountPath: /custom-tools - # name: custom-tools - # volumeMounts: - # - mountPath: /usr/local/bin/helm - # name: custom-tools - # subPath: helm - ## ApplicationSet controller applicationSet: # -- Enable ApplicationSet controller @@ -2150,6 +2113,13 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # -- ApplicationSet controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + args: # -- The default metric address metricsAddr: :8080 @@ -2160,16 +2130,31 @@ applicationSet: # -- Enable dry run mode dryRun: false - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" + # -- List of extra cli args to add + extraArgs: [] + + # -- Environment variables to pass to the ApplicationSet controller + extraEnv: [] + # - name: "MY_VAR" + # value: "value" + + # -- envFrom to pass to the ApplicationSet controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod extraContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] + ## Metrics service configuration metrics: # -- Deploy metrics service @@ -2238,6 +2223,15 @@ applicationSet: # -- Labels for the ApplicationSet controller pods podLabels: {} + # -- Resource limits and requests for the ApplicationSet controller pods. + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2280,19 +2274,6 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 - # -- Resource limits and requests for the ApplicationSet controller pods. - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - # -- [Node selector] nodeSelector: {} @@ -2305,32 +2286,6 @@ applicationSet: # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. priorityClassName: "" - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - - # -- List of extra cli args to add - extraArgs: [] - - # -- Environment variables to pass to the ApplicationSet controller - extraEnv: [] - # - name: "MY_VAR" - # value: "value" - - # -- envFrom to pass to the ApplicationSet controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - ## Webhook for the Git Generator ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) webhook: @@ -2384,9 +2339,6 @@ notifications: # -- Notifications controller name string name: notifications-controller - # -- Assign custom [affinity] rules - affinity: {} - # -- Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates argocdUrl: @@ -2422,8 +2374,32 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- [Node selector] - nodeSelector: {} + # -- Notifications controller log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + + # -- Extra arguments to provide to the notifications controller + extraArgs: [] + + # -- Additional container environment variables + extraEnv: [] + + # -- envFrom to pass to the notifications controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] # -- Define user-defined context ## For more information: https://argocd-notifications.readthedocs.io/en/stable/templates/#defining-user-defined-context @@ -2454,37 +2430,6 @@ notifications: # email-password: # For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/ - # -- Notifications controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - # -- Extra arguments to provide to the notifications controller - extraArgs: [] - - # -- Additional container environment variables - extraEnv: [] - - # -- envFrom to pass to the notifications controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name - - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - metrics: # -- Enables prometheus metrics server enabled: false @@ -2535,6 +2480,15 @@ notifications: # -- Labels to be applied to the notifications controller Pods podLabels: {} + # -- Resource limits and requests for the notifications controller + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: @@ -2547,18 +2501,18 @@ notifications: drop: - ALL + # -- [Node selector] + nodeSelector: {} + + # -- [Tolerations] for use with node taints + tolerations: [] + + # -- Assign custom [affinity] rules + affinity: {} + # -- Priority class for the notifications controller pods priorityClassName: "" - # -- Resource limits and requests for the notifications controller - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - serviceAccount: # -- Specifies whether a service account should be created create: true @@ -2809,9 +2763,6 @@ notifications: # ] # }] - # -- [Tolerations] for use with node taints - tolerations: [] - # -- The trigger defines the condition when the notification should be sent ## For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/ triggers: {} From 7992b5d04b9ea0d13a3ae7799e042cf9056eb6cd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 9 Jan 2023 18:03:26 -0600 Subject: [PATCH 025/356] feat(argo-workflows): Add helper function to determine image value, minus tag (#1754) We have a situation where we want to exclude the registry so that images can be pulled from in-network mirrors. Currently when you exclude the registry, you get stuck with a prefixing forward slash. Had to keep the tags in the manifest files because helm template requires a colon in the image value. Otherwise I'd move it into the helper function. image entries changed: server, controller, executor Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/templates/_helpers.tpl | 11 +++++++++++ .../controller/workflow-controller-deployment.yaml | 4 ++-- .../templates/server/server-deployment.yaml | 2 +- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 61c78e11b..25aa9fd67 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.7 +version: 0.22.8 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Support podGCDeleteDelayDuration and podGCGracePeriodSeconds" + - "[Added]: Helm helper function to allow image registry to be absent" diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 057ed5f9c..7719052d1 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -142,3 +142,14 @@ Return the default Argo Workflows app version {{- define "argo-workflows.defaultTag" -}} {{- default .Chart.AppVersion .Values.images.tag }} {{- end -}} + +{{/* +Return full image name including or excluding registry based on existence +*/}} +{{- define "argo-workflows.image" -}} +{{- if and .image.registry .image.repository -}} + {{ .image.registry }}/{{ .image.repository }} +{{- else -}} + {{ .image.repository }} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 7ce171556..b90122ca2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -34,14 +34,14 @@ spec: {{- end }} containers: - name: controller - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" + image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} command: [ "workflow-controller" ] args: - "--configmap" - "{{ template "argo-workflows.controller.fullname" . }}-configmap" - "--executor-image" - - "{{ .Values.executor.image.registry }}/{{ .Values.executor.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" + - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" - "{{ .Values.controller.logging.level }}" - "--gloglevel" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e1e9b680d..70b1495c8 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} containers: - name: argo-server - image: "{{ .Values.server.image.registry }}/{{ .Values.server.image.repository }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" + image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" imagePullPolicy: {{ .Values.images.pullPolicy }} securityContext: {{- toYaml .Values.server.securityContext | nindent 12 }} From c5648d5c9f1e5c8a08690618f8ab0b76e4d8bacd Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 09:58:45 +0100 Subject: [PATCH 026/356] chore(argo-cd): Consolidate cluster-wide RBAC (#1597) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 9 ++++--- charts/argo-cd/README.md | 6 ++--- charts/argo-cd/templates/NOTES.txt | 12 +++++++++ .../clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 11 ++++---- .../argocd-repo-server/clusterrole.yaml | 27 ++++++++++--------- .../clusterrolebinding.yaml | 9 ++++--- .../templates/argocd-server/clusterrole.yaml | 3 ++- .../argocd-server/clusterrolebinding.yaml | 11 ++++---- charts/argo-cd/values.yaml | 21 +++------------ 10 files changed, 70 insertions(+), 66 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a3f338f0c..912ffeff7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.14 +version: 5.16.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Docs]: Added sample how to provide K8s credentials plugin" - - "[Docs]: Added sample how to provide Argo config management plugin" - - "[Docs]: Removed samples that injects tools into incorrect controllers" + - "[Added]: Option createClusterRoles to enable cluster roles from one place" + - "[Deprecated]: Option controller.clusterAdminAccess.enabled" + - "[Deprecated]: Option server.clusterAdminAccess.enabled" + - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f71184f36..ec1213f84 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,7 +362,8 @@ NAME: my-release | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | -| createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-cd crds | +| createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources | +| createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | @@ -451,7 +452,6 @@ NAME: my-release |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | -| controller.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | @@ -529,7 +529,6 @@ NAME: my-release | repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | | repoServer.certificateSecret.key | string | `""` | Certificate private key | | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | -| repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | @@ -631,7 +630,6 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 98bbb96a3..30138ee4e 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,6 +52,18 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} +{{- if hasKey .Values "createAggregateRoles" }} +DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles +{{- end }} +{{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.server.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} +{{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} +DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml index 0aa82961b..5ebe00b3f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: {{- if .Values.controller.clusterRoleRules.enabled }} - {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.controller.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml index 86d7c8839..39ee80a67 100644 --- a/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.controller.clusterAdminAccess.enabled }} +{{- $config := .Values.controller.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.controller.fullname" . }} + name: {{ include "argo-cd.controller.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.controllerServiceAccountName" . }} + name: {{ include "argo-cd.controllerServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml index 4ea41da32..21dff1a92 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrole.yaml @@ -1,23 +1,24 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: {{- if .Values.repoServer.clusterRoleRules.enabled }} - {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 0 }} + {{- toYaml .Values.repoServer.clusterRoleRules.rules | nindent 2 }} {{- else }} -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml index 9757912e1..c3e21edbc 100644 --- a/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if and .Values.repoServer.serviceAccount.create .Values.repoServer.clusterAdminAccess.enabled }} +{{- $config := .Values.repoServer.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.repoServerServiceAccountName" . }} + name: {{ include "argo-cd.repoServerServiceAccountName" . }} namespace: {{ .Release.Namespace }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 2caa4dd04..0f26d4707 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -1,4 +1,5 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml index 9f5a960db..72e4d4504 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrolebinding.yaml @@ -1,16 +1,17 @@ -{{- if .Values.server.clusterAdminAccess.enabled }} +{{- $config := .Values.server.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} subjects: - kind: ServiceAccount - name: {{ template "argo-cd.serverServiceAccountName" . }} + name: {{ include "argo-cd.serverServiceAccountName" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 010d7cbe0..d799dcb90 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -19,9 +19,12 @@ apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 -# -- Create clusterroles that extend existing clusterroles to interact with argo-cd crds +# -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles createAggregateRoles: false +# -- Create cluster roles for cluster-wide installation. +## Used when you manage applications in the same cluster where Argo CD runs +createClusterRoles: true openshift: # -- enables using arbitrary uid for argo repo server @@ -718,11 +721,6 @@ controller: # additionalLabels: {} # annotations: {} - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off clusterRoleRules: @@ -1732,12 +1730,6 @@ server: # -- Termination policy of Openshift Route termination_policy: None - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: true - GKEbackendConfig: # -- Enable BackendConfig custom resource for Google Kubernetes Engine enabled: false @@ -2031,11 +2023,6 @@ repoServer: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Enable Admin ClusterRole resources. - ## Enable if you would like to grant cluster rights to Argo CD repo server. - clusterAdminAccess: - # -- Enable RBAC for local cluster deployments - enabled: false ## Enable Custom Rules for the Repo server's Cluster Role resource ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 31242020c44e75815945aed42a8244a7c13d9dd7 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 10 Jan 2023 13:31:57 +0100 Subject: [PATCH 027/356] feat(argo-cd): Allow templated values for init and extra containers (#1749) --- charts/argo-cd/Chart.yaml | 9 ++-- charts/argo-cd/README.md | 3 ++ .../statefulset.yaml | 10 ++-- .../argocd-applicationset/deployment.yaml | 6 ++- .../argocd-notifications/deployment.yaml | 51 +++++++++++-------- .../argocd-repo-server/deployment.yaml | 48 ++++++++--------- .../templates/argocd-server/deployment.yaml | 14 ++--- charts/argo-cd/templates/dex/deployment.yaml | 44 ++++++++-------- .../argo-cd/templates/redis/deployment.yaml | 10 ++-- charts/argo-cd/values.yaml | 26 +++++++++- 10 files changed, 128 insertions(+), 93 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 912ffeff7..45ff44466 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.16.15 +version: 5.17.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option createClusterRoles to enable cluster roles from one place" - - "[Deprecated]: Option controller.clusterAdminAccess.enabled" - - "[Deprecated]: Option server.clusterAdminAccess.enabled" - - "[Deprecated]: Option repoServer.clusterAdminAccess.enabled" + - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" + - "[Added]: Support for use of Helm templates for extraContainers and initContainers" + - "[Docs]: Added notes about custom Helm template support" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec1213f84..dabacfe76 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -970,6 +970,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | | applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | | applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1063,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | +| notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | | notifications.extraEnv | list | `[]` | Additional container environment variables | | notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller | | notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | @@ -1071,6 +1073,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller | | notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller | | notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.initContainers | list | `[]` | Init containers to add to the notifications controller pod | | notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` | | notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` | | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 66486b535..208545e08 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -257,7 +257,11 @@ spec: - mountPath: /home/argocd name: argocd-home {{- with .Values.controller.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.controller.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.controller.nodeSelector }} nodeSelector: @@ -304,10 +308,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ce4cd8214..0c3862de3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -125,8 +125,12 @@ spec: - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 2be14fdd0..7ee9f8f47 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -81,12 +81,39 @@ spec: {{- with .Values.notifications.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.notifications.extraContainers }} + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.initContainers }} + initContainers: + {{- tpl (toYaml . ) $ | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} volumes: - - configMap: + {{- with .Values.notifications.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: tls-certs + configMap: name: argocd-tls-certs-cm - name: tls-certs - name: argocd-repo-server-tls secret: + secretName: argocd-repo-server-tls + optional: true items: - key: tls.crt path: tls.crt @@ -94,24 +121,4 @@ spec: path: tls.key - key: ca.crt path: ca.crt - optional: true - secretName: argocd-repo-server-tls - {{- with .Values.notifications.extraVolumes }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index d8cbb97dd..04117ba36 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -264,7 +264,30 @@ spec: securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} {{- with .Values.repoServer.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - command: + - cp + - -n + - /usr/local/bin/argocd + - /var/run/argocd/argocd-cmp-server + image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + name: copyutil + {{- with .Values.repoServer.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.repoServer.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + - mountPath: /var/run/argocd + name: var-files + {{- with .Values.repoServer.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: @@ -328,29 +351,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - initContainers: - - command: - - cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - name: copyutil - {{- with .Values.repoServer.resources }} - resources: - {{- toYaml . | nindent 10 }} - {{- end }} - {{- with .Values.repoServer.containerSecurityContext }} - securityContext: - {{- toYaml . | nindent 10 }} - {{- end }} - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - {{- with .Values.repoServer.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7793b11ac..c38d9348f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -319,9 +319,6 @@ spec: lifecycle: {{- toYaml . | nindent 10 }} {{- end }} - {{- with .Values.server.extraContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- if .Values.server.extensions.enabled }} - name: argocd-extensions image: {{ .Values.server.extensions.image.repository }}:{{ .Values.server.extensions.image.tag }} @@ -336,6 +333,13 @@ spec: - name: tmp mountPath: /tmp {{- end }} + {{- with .Values.server.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.server.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -406,10 +410,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 5900070f1..bd0362b3c 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -43,27 +43,6 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - initContainers: - - name: copyutil - image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp - - -n - - /usr/local/bin/argocd - - /shared/argocd-dex - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - resources: - {{- toYaml .Values.dex.resources | nindent 10 }} - securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} - {{- with .Values.dex.initContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -136,7 +115,28 @@ spec: - name: argocd-dex-server-tls mountPath: /tls {{- with .Values.dex.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + initContainers: + - name: copyutil + image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} + command: + - cp + - -n + - /usr/local/bin/argocd + - /shared/argocd-dex + volumeMounts: + - mountPath: /shared + name: static-files + - mountPath: /tmp + name: dexconfig + resources: + {{- toYaml .Values.dex.resources | nindent 10 }} + securityContext: + {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- with .Values.dex.initContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.dex.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 38ba73bea..6c6a4dbe5 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -41,10 +41,6 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} - {{- with .Values.redis.initContainers }} - initContainers: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.redis.name }} image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} @@ -96,7 +92,11 @@ spec: {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} - {{- toYaml . | nindent 6 }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.redis.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} {{- with .Values.redis.nodeSelector }} nodeSelector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d799dcb90..9fad462e5 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -439,6 +439,7 @@ configs: # } # -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 # kind: SecretProviderClass @@ -538,12 +539,14 @@ controller: # name: secret-name # -- Additional containers to be added to the application controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the application controller pod ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin ## you could use this (and the same in the server pod) to provide such executable ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + ## Note: Supports use of custom Helm templates initContainers: [] # - name: download-tools # image: alpine:3 @@ -827,9 +830,11 @@ dex: # name: secret-name # -- Additional containers to be added to the dex pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the dex pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the dex main container @@ -1012,9 +1017,11 @@ redis: # name: secret-name # -- Additional containers to be added to the redis pod + ## Note: Supports use of custom Helm templates extraContainers: [] # -- Init containers to add to the redis pod + ## Note: Supports use of custom Helm templates initContainers: [] # -- Additional volumeMounts to the redis container @@ -1353,7 +1360,7 @@ server: # memory: 64Mi # -- Additional containers to be added to the server pod - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: my-sidecar # image: nginx:latest @@ -1846,11 +1853,13 @@ repoServer: # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ + ## Note: Supports use of custom Helm templates extraContainers: [] # - name: cmp # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server # command: [/var/run/argocd/argocd-cmp-server] - # image: busybox # This can be off-the-shelf or custom-built image + # # This can be off-the-shelf or custom-built image + # image: busybox # securityContext: # runAsNonRoot: true # runAsUser: 999 @@ -2134,8 +2143,13 @@ applicationSet: # name: secret-name # -- Additional containers to be added to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] + # -- Init containers to add to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] @@ -2382,6 +2396,14 @@ notifications: # - secretRef: # name: secret-name + # -- Additional containers to be added to the notifications controller pod + ## Note: Supports use of custom Helm templates + extraContainers: [] + + # -- Init containers to add to the notifications controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + # -- List of extra mounts to add (normally used with extraVolumes) extraVolumeMounts: [] From 136d8c4fca96cfad3736ba44ea4df17195c343da Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 11 Jan 2023 15:33:30 +0900 Subject: [PATCH 028/356] chore(argo-cd): Update Argo CD to v2.5.6 (#1757) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 45ff44466..7e45a5871 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.5 +appVersion: v2.5.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.0 +version: 5.17.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Support for extraContainers and initContainers for applicationSet and notifications" - - "[Added]: Support for use of Helm templates for extraContainers and initContainers" - - "[Docs]: Added notes about custom Helm template support" + - "[Changed]: Update Argo CD to v2.5.6" From 5c6ad38b15fccd082da657bc577d23a803808d09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 07:39:58 +0100 Subject: [PATCH 029/356] chore(deps): bump helm/chart-releaser-action from 1.4.1 to 1.5.0 (#1752) Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.4.1 to 1.5.0. - [Release notes](https://github.com/helm/chart-releaser-action/releases) - [Commits](https://github.com/helm/chart-releaser-action/compare/v1.4.1...v1.5.0) --- updated-dependencies: - dependency-name: helm/chart-releaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ac6f01373..cb56596bc 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.4.1 + uses: helm/chart-releaser-action@v1.5.0 with: config: "./.github/configs/cr.yaml" env: From 2777121707ccb8a9cdc45e84b496fea2568db483 Mon Sep 17 00:00:00 2001 From: Kiyoshi Muranaka Date: Wed, 18 Jan 2023 11:38:50 +0900 Subject: [PATCH 030/356] feat(argo-rollouts): Add support for topologySpreadConstraints (#1755) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/README.md.gotmpl | 1 + .../templates/controller/deployment.yaml | 12 ++++++++++++ .../templates/dashboard/deployment.yaml | 12 ++++++++++++ charts/argo-rollouts/values.yaml | 18 ++++++++++++++++++ 6 files changed, 48 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6688d9b0b..913a190a9 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.1 +version: 2.21.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.3.1" + - "[Added]: Add support for topologySpreadConstraints" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index e471d2841..43f68a05e 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -88,6 +88,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | | podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -145,6 +146,7 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | dashboard.serviceAccount.create | bool | `true` | Specifies whether a dashboard service account should be created | | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | +| dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | ## Upgrading @@ -174,6 +176,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 445c84dbd..1a587350f 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -96,6 +96,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes [Tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d06c0c920..d6adf9cfa 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -83,6 +83,18 @@ spec: affinity: {{- toYaml .Values.controller.affinity | nindent 8 }} {{- end }} + {{- with .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + app.kubernetes.io/component: {{ $.Values.controller.component }} + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index a84d4bbff..ebf9ce8b2 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -65,6 +65,18 @@ spec: affinity: {{- toYaml .Values.dashboard.affinity | nindent 8 }} {{- end }} + {{- with .Values.dashboard.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-rollouts.selectorLabels" $ | nindent 12 }} + app.kubernetes.io/component: {{ $.Values.dashboard.component }} + {{- end }} + {{- end }} + {{- end }} {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f74ed7a15..43d322c24 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -47,6 +47,15 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the controller + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the controller priorityClassName: "" # -- The number of controller pods to run @@ -194,6 +203,15 @@ dashboard: tolerations: [] # -- Assign custom [affinity] rules to the deployment affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the dashboard server + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- [priorityClassName] for the dashboard server priorityClassName: "" From 0d57f6ec17d24ae0786ceb85615991bf1d6a24b7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 18 Jan 2023 15:44:21 +0900 Subject: [PATCH 031/356] chore(argo-cd): Update Argo CD to v2.5.7 (#1769) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7e45a5871..0f294c96c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.6 +appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.1 +version: 5.17.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.6" + - "[Changed]: Update Argo CD to v2.5.7" From f3888bc99609cb82e1bda47a30dfc8c88c3cefb6 Mon Sep 17 00:00:00 2001 From: Victor Login Date: Wed, 18 Jan 2023 19:00:59 +0600 Subject: [PATCH 032/356] chore(argo-cd): Update Argo CD extensions to v0.2.1 (#1770) Signed-off-by: Victor Login Signed-off-by: Victor Login --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f294c96c..bc3ac6d1e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.2 +version: 5.17.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.7" + - "[Changed]: Update Argo CD extensions to v0.2.1" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dabacfe76..d1ad8c146 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -639,7 +639,7 @@ NAME: my-release | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | -| server.extensions.image.tag | string | `"v0.1.0"` | Tag to use for extensions image | +| server.extensions.image.tag | string | `"v0.2.1"` | Tag to use for extensions image | | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9fad462e5..cd0bee81f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1333,7 +1333,7 @@ server: # -- Repository to use for extensions image repository: "ghcr.io/argoproj-labs/argocd-extensions" # -- Tag to use for extensions image - tag: "v0.1.0" + tag: "v0.2.1" # -- Image pull policy for extensions # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 206d4922bfdf0b757ea9885204cc3f4cfc56a7e1 Mon Sep 17 00:00:00 2001 From: Pedro Date: Thu, 19 Jan 2023 04:37:18 -0600 Subject: [PATCH 033/356] fix(argo-rollouts): avoid label exceeding maximum length (#1694) * fix(argo-rollouts): generated value for app.kubernetes.io/version label for argo-rollouts will not exceed maximum length and support passing a SHA digest. Signed-off-by: Pedro Salgado * fix: Add missing double quote in changelog Signed-off-by: Marco Kilchhofer Signed-off-by: Pedro Salgado Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 5 +++-- charts/argo-rollouts/templates/_helpers.tpl | 16 +++++++++++++++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 913a190a9..a15ecf9b5 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.3.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.2 +version: 2.21.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for topologySpreadConstraints" + - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" + - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest" diff --git a/charts/argo-rollouts/templates/_helpers.tpl b/charts/argo-rollouts/templates/_helpers.tpl index 94733603d..46ebaea51 100644 --- a/charts/argo-rollouts/templates/_helpers.tpl +++ b/charts/argo-rollouts/templates/_helpers.tpl @@ -31,6 +31,20 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create kubernetes friendly chart version label. + +Examples: +image.tag = v1.3.1 +output = v1.3.1 + +image.tag = v1.3.1@sha256:38828e693b02e6f858d89fa22a9d9811d3d7a2430a1d4c7d687b6f509775c6ce +output = v1.3.1 +*/}} +{{- define "argo-rollouts.chart_version_label" -}} +{{- regexReplaceAll "[^a-zA-Z0-9-_.]+" (regexReplaceAll "@sha256:[a-f0-9]+" (default .Chart.AppVersion $.Values.controller.image.tag) "") "" | trunc 63 | quote -}} +{{- end -}} + {{/* Common labels */}} @@ -38,7 +52,7 @@ Common labels helm.sh/chart: {{ include "argo-rollouts.chart" . }} {{ include "argo-rollouts.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ default .Chart.AppVersion $.Values.controller.image.tag | quote }} +app.kubernetes.io/version: {{ include "argo-rollouts.chart_version_label" . }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/part-of: argo-rollouts From 132449caccd9cbb65499c7b1ac625fbc5dc76809 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 19 Jan 2023 15:14:02 -0600 Subject: [PATCH 034/356] chore(argo-rollouts): Upgrade argo-rollouts to 1.4.0 (#1774) Fixes #1763 Signed-off-by: jmeridth Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 7 +- .../templates/controller/clusterrole.yaml | 22 ++++- .../templates/controller/role.yaml | 99 +++++++++++++++++-- .../templates/crds/analysis-run-crd.yaml | 3 + .../templates/crds/analysis-template-crd.yaml | 3 + .../crds/cluster-analysis-template-crd.yaml | 3 + .../templates/crds/rollout-crd.yaml | 39 ++++++++ .../templates/dashboard/clusterrole.yaml | 7 +- 8 files changed, 166 insertions(+), 17 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a15ecf9b5..89ff80efd 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.3.1 +appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.21.3 +version: 2.22.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" - - "[Fixed]: generated value for app.kubernetes.io/version label is now valid even when defining a controller.image.tag with a SHA digest" + - "[Changed]: Upgrade ArgoRollouts to v1.4.0" diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index b8fdf475a..eaaadd240 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -89,7 +89,7 @@ rules: - create - get - update -# secret access to run analysis templates which reference secrets, allow init containers to manipulate secrets +# secret read access to run analysis templates which reference secrets - apiGroups: - "" resources: @@ -99,9 +99,6 @@ rules: - get - list - watch - - create - - patch - - update # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -110,6 +107,7 @@ rules: verbs: - list - update + - watch # pods eviction needed for restart - apiGroups: - "" @@ -223,4 +221,20 @@ rules: - list - update - patch +- apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - watch + - get + - update +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update {{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 81ce85420..8c7aa9d47 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -56,7 +56,19 @@ rules: - update - patch - delete +# deployments and podtemplates read access needed for workload reference support +- apiGroups: + - "" + - apps + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch # services patch needed to update selector of canary/stable/active/preview services +# services create needed to create and delete services for experiments - apiGroups: - "" resources: @@ -66,8 +78,18 @@ rules: - list - watch - patch -# secret access to run analysis templates which reference secrets -# configmap access to read notification-engine configuration + - create + - delete +# leases create/get/update needed for leader election +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update +# secret read access to run analysis templates which reference secrets - apiGroups: - "" resources: @@ -77,9 +99,6 @@ rules: - get - list - watch - - create - - patch - - update # pod list/update needed for updating ephemeral data - apiGroups: - "" @@ -88,6 +107,7 @@ rules: verbs: - list - update + - watch # pods eviction needed for restart - apiGroups: - "" @@ -129,15 +149,17 @@ rules: - update - patch - delete -# virtualservice access needed for using the Istio provider +# virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io resources: - virtualservices + - destinationrules verbs: - watch - get - update + - patch - list # trafficsplit access needed for using the SMI provider - apiGroups: @@ -150,4 +172,69 @@ rules: - get - update - patch +# ambassador access needed for Ambassador provider +- apiGroups: + - getambassador.io + - x.getambassador.io + resources: + - mappings + - ambassadormappings + verbs: + - create + - watch + - get + - update + - list + - delete +# Endpoints and TargetGroupBindings needed for ALB target group verification +- apiGroups: + - "" + resources: + - endpoints + verbs: + - get +- apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - list + - get +# AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualservices + verbs: + - watch + - get + - list +# AppMesh virtualnode CRD r/w access needed for using the App Mesh provider +- apiGroups: + - appmesh.k8s.aws + resources: + - virtualnodes + - virtualrouters + verbs: + - watch + - get + - list + - update + - patch +- apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - watch + - get + - update +- apiGroups: + - apisix.apache.org + resources: + - apisixroutes + verbs: + - watch + - get + - update {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 0d95f6f53..70187985c 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -2742,6 +2742,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 862af976d..c28461860 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -2738,6 +2738,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 60604611c..a00f68fe0 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -2738,6 +2738,9 @@ spec: type: array insecure: type: boolean + jsonBody: + type: object + x-kubernetes-preserve-unknown-fields: true jsonPath: type: string method: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index ec58d318a..3f6ea7496 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -89,6 +89,12 @@ spec: revisionHistoryLimit: format: int32 type: integer + rollbackWindow: + properties: + revisions: + format: int32 + type: integer + type: object selector: properties: matchExpressions: @@ -397,6 +403,9 @@ spec: - type: integer - type: string x-kubernetes-int-or-string: true + minPodsPerReplicaSet: + format: int32 + type: integer pingPong: properties: pingService: @@ -713,6 +722,20 @@ spec: required: - mappings type: object + apisix: + properties: + route: + properties: + name: + type: string + rules: + items: + type: string + type: array + required: + - name + type: object + type: object appMesh: properties: virtualNodeGroup: @@ -770,6 +793,14 @@ spec: items: type: string type: array + tcpRoutes: + items: + properties: + port: + format: int64 + type: integer + type: object + type: array tlsRoutes: items: properties: @@ -794,6 +825,14 @@ spec: items: type: string type: array + tcpRoutes: + items: + properties: + port: + format: int64 + type: integer + type: object + type: array tlsRoutes: items: properties: diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 6a84102d3..5f05d6e6e 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -44,17 +44,18 @@ rules: - get - list - watch - # deployments and podtemplates read access needed for workload reference support - apiGroups: - - "" - apps resources: - deployments - - podtemplates verbs: - get - list - watch + {{- if not .Values.dashboard.readonly }} + - update + - patch + {{- end }} - apiGroups: - apps resources: From 45c1534eeb03ee2a6cf89d2a2f10de2a00d206f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?carlos=20gonz=C3=A1lez?= Date: Thu, 19 Jan 2023 23:14:49 +0100 Subject: [PATCH 035/356] feat(argo-cd): Add labels for argocd-secret (#1779) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-cd): add secret labels field (#1778) Signed-off-by: carlos gonzález Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bc3ac6d1e..0b495196b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.17.4 +version: 5.18.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD extensions to v0.2.1" + - "[Added]: Extra secret labels with .Values.configs.secret.labels" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d1ad8c146..278f1680d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -442,6 +442,7 @@ NAME: my-release | configs.secret.githubSecret | string | `""` | Shared secret for authenticating GitHub webhook events | | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | +| configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | | configs.tlsCerts | object | See [values.yaml] | TLS certificate | | configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index f289480d1..84a51197c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -5,6 +5,9 @@ metadata: name: argocd-secret labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} + {{- with .Values.configs.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.configs.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cd0bee81f..98b62c1ea 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -392,6 +392,8 @@ configs: secret: # -- Create the argocd-secret createSecret: true + # -- Labels to be added to argocd-secret + labels: {} # -- Annotations to be added to argocd-secret annotations: {} From 9905dcca8eae8f2499c18c31475ad117b12611ad Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 20 Jan 2023 08:33:55 -0600 Subject: [PATCH 036/356] fix(argo-cd): Update CONTRIBUTING docs (#1782) * Update CONTRIBUTING - [x] versioning details - [x] remove broken links - [x] fix markdown linting errors - [x] README.md updating clarification * Rename variable in helm-docs script * Update argo-cd README * Add blurb about mandatory Chart versioning * Reword artifacthub changes section in CONTRIBUTING * Reorder/restructure CONTRIBUTING.md * Update argo-cd chart version * Add section in CONTRIBUTING about semantic title linting Signed-off-by: jmeridth Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- CONTRIBUTING.md | 125 +++++++++++++++++++------------- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 5 +- charts/argo-cd/README.md.gotmpl | 5 +- scripts/helm-docs.sh | 6 +- 5 files changed, 85 insertions(+), 60 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 49c0577bc..f8753d60b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -2,38 +2,87 @@ Argo Helm is a collection of **community maintained** charts. Therefore we rely on you to test your changes sufficiently. - -# Pull Requests +## Pull Requests All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. See the above stated requirements for PR on this project. +### Pull Request Title Linting + +We lint the title of your pull request to ensure it follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) specification. This is done using GitHub actions and the [action-semantic-pull-request](.github/workflows/pr-title.yml) workflow. We require the scope of the change to be included in the title. The scope should be the name of the chart you are changing. For example, if you are changing the `argo-cd` chart, the title of your pull request should be `fix(argo-cd): Fix typo in values.yaml`. + +## Documentation + +The documentation for each chart is generated with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. + +We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): + +```shell +./scripts/helm-docs.sh +``` + +> **Note** +> When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. + +### Updating a chart README.md + +When updating the `README.md.gotmpl` inside a chart directory you must to run the `helm-docs` script to generate the updated `README.md` file. To reiterate, you should not edit the `README.md` file manually. It will be generated by the following command: + +```shell +./scripts/helm-docs.sh +``` + +> **Note** +> If you see changes to unrelated chart `README.md` files you may have accidentally updated a `README.md.gotmpl` file in another chart's folder unintentionally or someone else failed to run this script. Please revert those changes if you do not intend them to be a part of your pull request. + ## Versioning -Each chart's version follows the [semver standard](https://semver.org/). New charts should start at version `1.0.0`, if it's considered stable. If it's not considered stable, it must be released as [prerelease](#prerelease). +Each chart's version follows the [semver standard](https://semver.org/). + +New charts should start at version `1.0.0`, if it's considered stable. If it isn't considered stable, it must be released as `prerelease`. Any breaking changes to a chart (backwards incompatible) require: - * Bump of the current Major version of the chart - * State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades)) +* Bump of the current Major version of the chart +* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` + +### New Application Versions + +When selecting new application versions ensure you make the following changes: + +* `values.yaml`: Bump all instances of the container image version +* `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` + +Please ensure chart version changes adhere to semantic versioning standards: + +* Major: Large chart rewrites, major non-backwards compatible or destructive changes +* Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes +* Patch: App version patch updates, backwards compatible optional chart features ### Immutability Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error. +### Chart Versioning + +Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future. ### Artifact Hub Annotations Since we release our charts on Artifact Hub we encourage making use of the provided chart annotations for Artifact Hub. - * [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) +* [https://artifacthub.io/docs/topics/annotations/helm/](https://artifacthub.io/docs/topics/annotations/helm/) #### Changelog We want to deliver transparent chart releases for our chart consumers. Therefore we require a changelog per new chart release. -Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). For every new release the entire `artifacthub.io/changes` needs to be rewritten. Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: +Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file). -``` +A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release. + +Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: + +```yaml name: argo-cd version: 3.4.1 ... @@ -45,67 +94,54 @@ annotations: - "[Deprecated]: Something deprecated" - "[Removed]: Something was removed" - "[Fixed]: Something was fixed" - - "[Security]": Some Security Patch was included" + - "[Security]: Some Security Patch was included" ``` -## Documentation - -The documentation for each chart is done with [helm-docs](https://github.com/norwoodj/helm-docs). This way we can ensure that values are consistent with the chart documentation. +## Testing -We have a script on the repository which will execute the helm-docs docker container, so that you don't have to worry about downloading the binary etc. Simply execute the script (Bash compatible, might require sudo privileges): - -``` -bash scripts/helm-docs.sh -``` - -**NOTE**: When creating your own `README.md.gotmpl`, don't forget to add it to your `.helmignore` file. - - - -# Testing - -## Testing Argo Workflows Changes +### Testing Argo Workflows Changes Minimally: -``` +```shell helm install charts/argo-workflows -n argo argo version ``` Follow this instructions for running a hello world workflow. -## Testing Argo CD Changes +### Testing Argo CD Changes Clean-up: -``` +```shell helm delete argo-cd --purge kubectl delete crd -l app.kubernetes.io/part-of=argocd ``` Pre-requisites: -``` + +```shell helm repo add redis-ha https://dandydeveloper.github.io/charts/ helm dependency update ``` Minimally: -``` +```shell helm install argocd argo/argo-cd -n argocd --create-namespace kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 ``` In a new terminal: -``` +```shell argocd version --server localhost:8080 --insecure # reset password to 'Password1!' kubectl -n argocd patch secret argocd-secret \ -p '{"stringData": { - "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", - "admin.passwordMtime": "'$(date +%FT%T%Z)'" + "admin.password": "$2a$10$hDj12Tw9xVmvybSahN1Y0.f9DZixxN8oybyA32Uy/eqWklFU4Mo8O", + "admin.passwordMtime": "'$(date +%FT%T%Z)'" }}' argocd login localhost:8080 --username admin --password 'Password1!' @@ -114,38 +150,25 @@ argocd login localhost:8080 --username admin --password 'Password1!' Create and sync app: -``` +```shell argocd app create guestbook --dest-namespace default --dest-server https://kubernetes.default.svc --path guestbook --project default --repo https://github.com/argoproj/argocd-example-apps.git argocd app sync guestbook ``` -## New Application Versions - -When raising application versions ensure you make the following changes: - -- `values.yaml`: Bump all instances of the container image version -- `Chart.yaml`: Ensure `appVersion` matches the above container image and bump `version` - -Please ensure chart version changes adhere to semantic versioning standards: - -- Patch: App version patch updates, backwards compatible optional chart features -- Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes -- Major: Large chart rewrites, major non-backwards compatible or destructive changes - -## Testing Charts +### Testing Charts As part of the Continuous Integration system we run Helm's [Chart Testing](https://github.com/helm/chart-testing) tool. -The checks for this tool are stricter than the standard Helm requirements, where fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. +The checks for Chart Testing are stricter than the standard Helm requirements. For example, fields normally considered optional like `maintainer` are required in the standard spec and must be valid GitHub usernames. Linting configuration can be found in [ct-lint.yaml](./.github/configs/ct-lint.yaml) The linting can be invoked manually with the following command: -``` +```shell ./scripts/lint.sh ``` ## Publishing Changes -Changes are automatically publish whenever a commit is merged to main. The CI job (see `./.github/workflows/publish.yml`). +Changes are automatically publish whenever a commit is merged to the `main` branch by the CI job (see `./.github/workflows/publish.yml`). diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0b495196b..df9f69edb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.18.0 +version: 5.18.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Extra secret labels with .Values.configs.secret.labels" + - "[Fixed]: README information about 5.12.0 TLS changes" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 278f1680d..ec342a3d5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -111,8 +111,9 @@ This version reduces history limit for Argo CD deployment replicas to 3 to provi ### 5.12.0 -This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server. -If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret. +If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead. +For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`. +For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys. ### 5.10.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index a844449af..b41f82c0f 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -110,8 +110,9 @@ This version reduces history limit for Argo CD deployment replicas to 3 to provi ### 5.12.0 -This version deprecates the `configs.secret.argocdServerTlsConfig` option. Use `server.certificate` or `server.certificateSecret` to provide custom TLS configuration for Argo CD server. -If you terminate TLS on ingress please use `argocd-server-tls` secret instead of `argocd-secret` secret. +If Argo CD is managing termination of TLS and you are using `configs.secret.argocdServerTlsConfig` option to provide custom TLS configuration for this chart, please use `server.certificate` or `server.certificateSecret` instead. +For the secrets for tls termination, please use a secret named `argocd-server-tls` instead of `argocd-secret`. +For the technical details please check the [Argo CD documentation](https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server). When transitioning from the one secret to the other pay attention to `tls.key` and `tls.crt` keys. ### 5.10.0 diff --git a/scripts/helm-docs.sh b/scripts/helm-docs.sh index e8ade437c..5669f91c7 100755 --- a/scripts/helm-docs.sh +++ b/scripts/helm-docs.sh @@ -1,11 +1,11 @@ #!/bin/bash ## Reference: https://github.com/norwoodj/helm-docs set -eux -CHART_DIR="$(cd "$(dirname "$0")/.." && pwd)" -echo "$CHART_DIR" +REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)" +echo "$REPO_ROOT" echo "Running Helm-Docs" docker run \ - -v "$CHART_DIR:/helm-docs" \ + -v "$REPO_ROOT:/helm-docs" \ -u $(id -u) \ jnorwood/helm-docs:v1.9.1 From 4dd31571b3ce2d90bd3598ca020e70cd887c6d23 Mon Sep 17 00:00:00 2001 From: Richard Johansson Date: Fri, 20 Jan 2023 17:41:52 +0100 Subject: [PATCH 037/356] feat(argo-rollouts): Added flags to toggle provider-specific RBAC (#1777) * Toggle for provider-specific RBAC + Added missing RBAC rules Signed-off-by: Richard Johansson * Updated docs with new Helm values Signed-off-by: Richard Johansson * Added a general flag providerRBAC.enabled to toggle all of the providers Signed-off-by: Richard Johansson * Aligned with main Signed-off-by: Richard Johansson * Corrected inline comments Signed-off-by: Richard Johansson * Fixed incorrect inline comments Signed-off-by: Richard Johansson Signed-off-by: Richard Johansson --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 8 ++++++++ .../templates/controller/clusterrole.yaml | 20 ++++++++++++++++++- .../templates/controller/role.yaml | 20 ++++++++++++++++++- charts/argo-rollouts/values.yaml | 20 +++++++++++++++++++ 5 files changed, 68 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 89ff80efd..a9968a4f4 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.0 +version: 2.22.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade ArgoRollouts to v1.4.0" + - "[Added]: Flags to toggle provider-specific RBAC rules in Role and ClusterRole" diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 43f68a05e..73581f4ee 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -55,6 +55,14 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the notifications secret | | notifications.templates | object | `{}` | Notification templates | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | +| providerRBAC.enabled | bool | `true` | Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole | +| providerRBAC.providers.ambassador | bool | `true` | Adds RBAC rules for the Ambassador provider | +| providerRBAC.providers.apisix | bool | `true` | Adds RBAC rules for the Apisix provider | +| providerRBAC.providers.awsAppMesh | bool | `true` | Adds RBAC rules for the AWS App Mesh provider | +| providerRBAC.providers.awsLoadBalancerController | bool | `true` | Adds RBAC rules for the AWS Load Balancer Controller provider | +| providerRBAC.providers.istio | bool | `true` | Adds RBAC rules for the Istio provider | +| providerRBAC.providers.smi | bool | `true` | Adds RBAC rules for the SMI provider | +| providerRBAC.providers.traefik | bool | `true` | Adds RBAC rules for the Traefik provider | ### Controller diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index eaaadd240..964daed3d 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -149,6 +149,8 @@ rules: - update - patch - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} # virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io @@ -161,6 +163,8 @@ rules: - update - patch - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} # trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io @@ -172,6 +176,8 @@ rules: - get - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} # ambassador access needed for Ambassador provider - apiGroups: - getambassador.io @@ -186,7 +192,9 @@ rules: - update - list - delete -# Endpoints and TargetGroupBindings needed for ALB target group verification +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller - apiGroups: - "" resources: @@ -200,6 +208,8 @@ rules: verbs: - list - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} # AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider - apiGroups: - appmesh.k8s.aws @@ -221,6 +231,9 @@ rules: - list - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us resources: @@ -229,6 +242,9 @@ rules: - watch - get - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider - apiGroups: - apisix.apache.org resources: @@ -238,3 +254,5 @@ rules: - get - update {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 8c7aa9d47..72ebdbc94 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -149,6 +149,8 @@ rules: - update - patch - delete +{{- if .Values.providerRBAC.enabled }} +{{- if .Values.providerRBAC.providers.istio }} # virtualservice/destinationrule access needed for using the Istio provider - apiGroups: - networking.istio.io @@ -161,6 +163,8 @@ rules: - update - patch - list +{{- end }} +{{- if .Values.providerRBAC.providers.smi }} # trafficsplit access needed for using the SMI provider - apiGroups: - split.smi-spec.io @@ -172,6 +176,8 @@ rules: - get - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.ambassador }} # ambassador access needed for Ambassador provider - apiGroups: - getambassador.io @@ -186,7 +192,9 @@ rules: - update - list - delete -# Endpoints and TargetGroupBindings needed for ALB target group verification +{{- end }} +{{- if .Values.providerRBAC.providers.awsLoadBalancerController }} +# Endpoints and TargetGroupBindings needed for ALB target group verification when using AWS Load Balancer Controller - apiGroups: - "" resources: @@ -200,6 +208,8 @@ rules: verbs: - list - get +{{- end }} +{{- if .Values.providerRBAC.providers.awsAppMesh }} # AppMesh virtualservices/virtualrouter CRD read-only access needed for using the App Mesh provider - apiGroups: - appmesh.k8s.aws @@ -221,6 +231,9 @@ rules: - list - update - patch +{{- end }} +{{- if .Values.providerRBAC.providers.traefik }} +# Traefik access needed when using the Traefik provider - apiGroups: - traefik.containo.us resources: @@ -229,6 +242,9 @@ rules: - watch - get - update +{{- end }} +{{- if .Values.providerRBAC.providers.apisix }} +# Access needed when using the Apisix provider - apiGroups: - apisix.apache.org resources: @@ -238,3 +254,5 @@ rules: - get - update {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 43d322c24..eb077221d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -190,6 +190,26 @@ podLabels: {} imagePullSecrets: [] # - name: argo-pull-secret +providerRBAC: + # -- Toggles addition of provider-specific RBAC rules to the controller Role and ClusterRole + enabled: true + # providerRBAC.enabled must be true in order to toggle the individual providers + providers: + # -- Adds RBAC rules for the Istio provider + istio: true + # -- Adds RBAC rules for the SMI provider + smi: true + # -- Adds RBAC rules for the Ambassador provider + ambassador: true + # -- Adds RBAC rules for the AWS Load Balancer Controller provider + awsLoadBalancerController: true + # -- Adds RBAC rules for the AWS App Mesh provider + awsAppMesh: true + # -- Adds RBAC rules for the Traefik provider + traefik: true + # -- Adds RBAC rules for the Apisix provider + apisix: true + dashboard: # -- Deploy dashboard server enabled: false From 5b9f624ba21f167bb55d948f0c5042383c87678d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 10:24:46 +0100 Subject: [PATCH 038/356] feat(argo-cd): Consolidate certificate config for repositories (#1786) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 14 ++- charts/argo-cd/README.md.gotmpl | 5 + charts/argo-cd/templates/NOTES.txt | 12 +++ .../argocd-ssh-known-hosts-cm.yaml | 15 ++- .../argocd-configs/argocd-tls-certs-cm.yaml | 15 ++- charts/argo-cd/values.yaml | 102 ++++++++---------- 7 files changed, 98 insertions(+), 71 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index df9f69edb..daad23a9c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.18.1 +version: 5.19.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: README information about 5.12.0 TLS changes" + - "[Added]: Option configs.ssh.extraHosts that allows to keep original SSH known list" + - "[Changed]: Option configs.knownHosts deprecated as moved to configs.ssh" + - "[Changed]: Option configs.tlsCerts deprecated as moved to configs.tls" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ec342a3d5..37a2dc19b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.19.0 + +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. + ### 5.13.0 This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter. @@ -410,8 +415,6 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | -| configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | -| configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -444,9 +447,12 @@ NAME: my-release | configs.secret.gitlabSecret | string | `""` | Shared secret for authenticating GitLab webhook events | | configs.secret.gogsSecret | string | `""` | Shared secret for authenticating Gogs webhook events | | configs.secret.labels | object | `{}` | Labels to be added to argocd-secret | +| configs.ssh.annotations | object | `{}` | Annotations to be added to argocd-ssh-known-hosts-cm configmap | +| configs.ssh.extraHosts | string | `""` | Additional known hosts for private repositories | +| configs.ssh.knownHosts | string | See [values.yaml] | Known hosts to be added to the known host list by default. | | configs.styles | string | `""` (See [values.yaml]) | Define custom [CSS styles] for your argo instance. This setting will automatically mount the provided CSS and reference it in the argo configuration. | -| configs.tlsCerts | object | See [values.yaml] | TLS certificate | -| configs.tlsCertsAnnotations | object | `{}` | TLS certificate configmap annotations | +| configs.tls.annotations | object | `{}` | Annotations to be added to argocd-tls-certs-cm configmap | +| configs.tls.certificates | object | `{}` (See [values.yaml]) | TLS certificates for Git repositories | ## Argo CD Controller diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index b41f82c0f..fde0c0c88 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.19.0 + +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. + ### 5.13.0 This version reduces history limit for Argo CD deployment replicas to 3 to provide more visibility for Argo CD deployments that manage itself. If you need more deployment revisions for rollbacks set `global.revisionHistoryLimit` parameter. diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 30138ee4e..c5c5e7c54 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -64,6 +64,18 @@ DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles {{- if hasKey (.Values.repoServer.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .server.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} +{{- if .Values.configs.knownHostsAnnotations }} +DEPRECATED option configs.knownHostsAnnotations - Use configs.ssh.annotations +{{- end }} +{{- if hasKey .Values.configs "knownHosts" }} +DEPRECATED option configs.knownHosts.data.ssh_known_hosts - Use configs.ssh.knownHosts +{{- end }} +{{- if .Values.configs.tlsCertsAnnotations }} +DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations +{{- end }} +{{- if hasKey .Values.configs "tlsCerts" }} +DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 844f492da..03c306d41 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -3,11 +3,20 @@ kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with .Values.configs.knownHostsAnnotations }} + {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- toYaml .Values.configs.knownHosts | nindent 0 }} +data: + ssh_known_hosts: | + {{- if hasKey .Values.configs "knownHosts" }} + {{- .Values.configs.knownHosts.data.ssh_known_hosts | nindent 4 }} + {{- else }} + {{- .Values.configs.ssh.knownHosts | nindent 4 }} + {{- end }} + {{- with .Values.configs.ssh.extraHosts }} + {{- . | nindent 4 }} + {{- end }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 74b211813..8e5c7c884 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -3,13 +3,20 @@ kind: ConfigMap metadata: name: argocd-tls-certs-cm labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "tls-certs-cm") | nindent 4 }} - {{- with .Values.configs.tlsCertsAnnotations }} + {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) -}} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} -{{- with .Values.configs.tlsCerts }} -{{- toYaml . | nindent 0 }} +{{- if hasKey .Values.configs "tlsCerts" }} + {{- with .Values.configs.tlsCerts }} + {{- toYaml . | nindent 0 }} + {{- end }} +{{- else }} +{{- with .Values.configs.tls.certificates }} +data: + {{- toYaml . | nindent 2 }} +{{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 98b62c1ea..5e73d2187 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -254,6 +254,41 @@ configs: # ... # -----END PGP PUBLIC KEY BLOCK----- + # SSH known hosts for Git repositories + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#ssh-known-host-public-keys + ssh: + # -- Annotations to be added to argocd-ssh-known-hosts-cm configmap + annotations: {} + + # -- Known hosts to be added to the known host list by default. + # @default -- See [values.yaml] + knownHosts: | + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= + gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf + gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 + ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H + + # -- Additional known hosts for private repositories + extraHosts: '' + + # Repository TLS certificates + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories-using-self-signed-tls-certificates-or-are-signed-by-custom-ca + tls: + # -- Annotations to be added to argocd-tls-certs-cm configmap + annotations: {} + + # -- TLS certificates for Git repositories + # @default -- `{}` (See [values.yaml]) + certificates: {} + # server.example.com: | + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) @@ -282,64 +317,15 @@ configs: # insecure: false # caData: "" - # -- Known Hosts configmap annotations - knownHostsAnnotations: {} - knownHosts: - data: - # -- Known Hosts - # @default -- See [values.yaml] - ssh_known_hosts: | - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - # -- TLS certificate configmap annotations - tlsCertsAnnotations: {} - # -- TLS certificate - # @default -- See [values.yaml] - tlsCerts: - {} - # data: - # argocd.example.com: | - # -----BEGIN CERTIFICATE----- - # MIIF1zCCA7+gAwIBAgIUQdTcSHY2Sxd3Tq/v1eIEZPCNbOowDQYJKoZIhvcNAQEL - # BQAwezELMAkGA1UEBhMCREUxFTATBgNVBAgMDExvd2VyIFNheG9ueTEQMA4GA1UE - # BwwHSGFub3ZlcjEVMBMGA1UECgwMVGVzdGluZyBDb3JwMRIwEAYDVQQLDAlUZXN0 - # c3VpdGUxGDAWBgNVBAMMD2Jhci5leGFtcGxlLmNvbTAeFw0xOTA3MDgxMzU2MTda - # Fw0yMDA3MDcxMzU2MTdaMHsxCzAJBgNVBAYTAkRFMRUwEwYDVQQIDAxMb3dlciBT - # YXhvbnkxEDAOBgNVBAcMB0hhbm92ZXIxFTATBgNVBAoMDFRlc3RpbmcgQ29ycDES - # MBAGA1UECwwJVGVzdHN1aXRlMRgwFgYDVQQDDA9iYXIuZXhhbXBsZS5jb20wggIi - # MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv4mHMdVUcafmaSHVpUM0zZWp5 - # NFXfboxA4inuOkE8kZlbGSe7wiG9WqLirdr39Ts+WSAFA6oANvbzlu3JrEQ2CHPc - # CNQm6diPREFwcDPFCe/eMawbwkQAPVSHPts0UoRxnpZox5pn69ghncBR+jtvx+/u - # P6HdwW0qqTvfJnfAF1hBJ4oIk2AXiip5kkIznsAh9W6WRy6nTVCeetmIepDOGe0G - # ZJIRn/OfSz7NzKylfDCat2z3EAutyeT/5oXZoWOmGg/8T7pn/pR588GoYYKRQnp+ - # YilqCPFX+az09EqqK/iHXnkdZ/Z2fCuU+9M/Zhrnlwlygl3RuVBI6xhm/ZsXtL2E - # Gxa61lNy6pyx5+hSxHEFEJshXLtioRd702VdLKxEOuYSXKeJDs1x9o6cJ75S6hko - # Ml1L4zCU+xEsMcvb1iQ2n7PZdacqhkFRUVVVmJ56th8aYyX7KNX6M9CD+kMpNm6J - # kKC1li/Iy+RI138bAvaFplajMF551kt44dSvIoJIbTr1LigudzWPqk31QaZXV/4u - # kD1n4p/XMc9HYU/was/CmQBFqmIZedTLTtK7clkuFN6wbwzdo1wmUNgnySQuMacO - # gxhHxxzRWxd24uLyk9Px+9U3BfVPaRLiOPaPoC58lyVOykjSgfpgbus7JS69fCq7 - # bEH4Jatp/10zkco+UQIDAQABo1MwUTAdBgNVHQ4EFgQUjXH6PHi92y4C4hQpey86 - # r6+x1ewwHwYDVR0jBBgwFoAUjXH6PHi92y4C4hQpey86r6+x1ewwDwYDVR0TAQH/ - # BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFE4SdKsX9UsLy+Z0xuHSxhTd0jfn - # Iih5mtzb8CDNO5oTw4z0aMeAvpsUvjJ/XjgxnkiRACXh7K9hsG2r+ageRWGevyvx - # CaRXFbherV1kTnZw4Y9/pgZTYVWs9jlqFOppz5sStkfjsDQ5lmPJGDii/StENAz2 - # XmtiPOgfG9Upb0GAJBCuKnrU9bIcT4L20gd2F4Y14ccyjlf8UiUi192IX6yM9OjT - # +TuXwZgqnTOq6piVgr+FTSa24qSvaXb5z/mJDLlk23npecTouLg83TNSn3R6fYQr - # d/Y9eXuUJ8U7/qTh2Ulz071AO9KzPOmleYPTx4Xty4xAtWi1QE5NHW9/Ajlv5OtO - # OnMNWIs7ssDJBsB7VFC8hcwf79jz7kC0xmQqDfw51Xhhk04kla+v+HZcFW2AO9so - # 6ZdVHHQnIbJa7yQJKZ+hK49IOoBR6JgdB5kymoplLLiuqZSYTcwSBZ72FYTm3iAr - # jzvt1hxpxVDmXvRnkhRrIRhK4QgJL0jRmirBjDY+PYYd7bdRIjN7WNZLFsgplnS8 - # 9w6CwG32pRlm0c8kkiQ7FXA6BYCqOsDI8f1VGQv331OpR2Ck+FTv+L7DAmg6l37W - # +LB9LGh4OAp68ImTjqf6ioGKG0RBSznwME+r4nXtT1S/qLR6ASWUS4ViWRhbRlNK - # XWyb96wrUlv+E8I= - # -----END CERTIFICATE----- + # DEPRECATED - Moved to configs.ssh.annotations + # knownHostsAnnotations: {} + # DEPRECATED - Moved to configs.ssh.knownHosts + # knownHosts: {} + + # DEPRECATED - Moved to configs.tls.annotations + # tlsCertsAnnotations: {} + # DEPRECATED - Moved to configs.tls.certificates + # tlsCerts: {} # -- Repository credentials to be used as Templates for other repos ## Creates a secret for each key/value specified below to create repository credentials From e91bc78a4a337ab014adb19611dfb8f2b5ce707f Mon Sep 17 00:00:00 2001 From: Pedro Date: Sat, 21 Jan 2023 05:37:52 -0600 Subject: [PATCH 039/356] feat(argocd-image-updater): prevent generation of label value of invalid length (#1691) * feat(argocd-image-updater): prevent label from being greater than 63 characters. Signed-off-by: Pedro Salgado * fix: Add missing double quote in changelog Signed-off-by: Marco Kilchhofer Signed-off-by: Pedro Salgado Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 049ed8cea..5147ea828 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.1 +version: 0.8.2 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Add support for additional initContainers and additional volume/volumeMounts" + - "[Changed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" diff --git a/charts/argocd-image-updater/templates/_helpers.tpl b/charts/argocd-image-updater/templates/_helpers.tpl index 5c0be1da6..934d894c0 100644 --- a/charts/argocd-image-updater/templates/_helpers.tpl +++ b/charts/argocd-image-updater/templates/_helpers.tpl @@ -38,7 +38,7 @@ Common labels helm.sh/chart: {{ include "argocd-image-updater.chart" . }} {{ include "argocd-image-updater.selectorLabels" . }} {{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ .Chart.AppVersion | trunc 63 | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }} From 58f587618fbabe601d0f433d8a2d935069fbffdf Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 13:07:14 +0100 Subject: [PATCH 040/356] fix(argo-cd): Consolidate and fix container ports (#1788) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 7 +- charts/argo-cd/README.md | 25 ++-- charts/argo-cd/templates/NOTES.txt | 21 +++ .../statefulset.yaml | 15 ++- .../argocd-applicationset/deployment.yaml | 11 +- .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 6 +- .../templates/argocd-server/aws/service.yaml | 4 +- .../templates/argocd-server/deployment.yaml | 12 +- .../templates/argocd-server/service.yaml | 6 +- charts/argo-cd/templates/dex/deployment.yaml | 6 +- .../argo-cd/templates/redis/deployment.yaml | 8 +- charts/argo-cd/values.yaml | 124 +++++++++++------- 13 files changed, 152 insertions(+), 97 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index daad23a9c..e75156e7c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.0 +version: 5.19.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Option configs.ssh.extraHosts that allows to keep original SSH known list" - - "[Changed]: Option configs.knownHosts deprecated as moved to configs.ssh" - - "[Changed]: Option configs.tlsCerts deprecated as moved to configs.tls" + - "[Fixed]: Container port configuration now properly sets the listening port" + - "[Changed]: Container ports consolidated from various places to new containerPorts sections" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 37a2dc19b..ca54a9bce 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -462,7 +462,7 @@ NAME: my-release | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | -| controller.containerPort | int | `8082` | Application controller listening port | +| controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | @@ -539,7 +539,8 @@ NAME: my-release | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | -| repoServer.containerPort | int | `8081` | Configures the repo server port | +| repoServer.containerPorts.metrics | int | `8084` | Metrics container port | +| repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | | repoServer.env | list | `[]` | Environment variables to pass to repo server | @@ -638,7 +639,8 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.containerPort | int | `8080` | Configures the server port | +| server.containerPorts.metrics | int | `8082` | Metrics container port | +| server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -728,7 +730,6 @@ NAME: my-release | server.service.labels | object | `{}` | Server service labels | | server.service.loadBalancerIP | string | `""` | LoadBalancer will get created with the IP specified in this field | | server.service.loadBalancerSourceRanges | list | `[]` | Source IP ranges to allow access to service from | -| server.service.namedTargetPort | bool | `true` | Use named target port for argocd | | server.service.nodePortHttp | int | `30080` | Server service http port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.nodePortHttps | int | `30443` | Server service https port for NodePort service type (only if `server.service.type` is set to "NodePort") | | server.service.servicePortHttp | int | `80` | Server service http port | @@ -780,9 +781,9 @@ server: | dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret | | dex.certificateSecret.key | string | `""` | Certificate private key | | dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret | -| dex.containerPortGrpc | int | `5557` | Container port for gRPC access | -| dex.containerPortHttp | int | `5556` | Container port for HTTP access | -| dex.containerPortMetrics | int | `5558` | Container port for metrics access | +| dex.containerPorts.grpc | int | `5557` | gRPC container port | +| dex.containerPorts.http | int | `5556` | HTTP container port | +| dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | | dex.enabled | bool | `true` | Enable dex | @@ -856,7 +857,8 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | -| redis.containerPort | int | `6379` | Redis container port | +| redis.containerPorts.metrics | int | `9121` | Metrics container port | +| redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | | redis.enabled | bool | `true` | Enable redis | @@ -869,7 +871,6 @@ server: | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | -| redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | | redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | @@ -962,9 +963,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | | applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | -| applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.probe | int | `8081` | Probe container port | +| applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | @@ -1067,6 +1069,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | +| notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index c5c5e7c54..210cf3bbe 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -88,6 +88,27 @@ REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug {{- if .Values.applicationSet.args.enableLeaderElection }} REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas {{- end }} +{{- if .Values.controller.containerPort }} +REMOVED option controller.containerPort - Use controller.containerPorts +{{- end }} +{{- if .Values.server.containerPort }} +REMOVED option server.containerPort - Use server.containerPorts +{{- end }} +{{- if .Values.repoServer.containerPort }} +REMOVED option repoServer.containerPort - Use repoServer.containerPorts +{{- end }} +{{- if .Values.applicationSet.args.metricsAddr }} +REMOVED option applicationSet.args.metricsAddr - Use applicationSet.containerPorts +{{- end }} +{{- if .Values.applicationSet.args.probeBindAddr }} +REMOVED option applicationSet.args.probeBindAddr - Use applicationSet.containerPorts +{{- end }} +{{- if .Values.redis.containerPort }} +REMOVED option redis.containerPort - Use redis.containerPorts +{{- end }} +{{- if .Values.redis.metrics.containerPort }} +REMOVED option redis.metrics.containerPort - Use redis.containerPorts +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 208545e08..d853a8560 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -44,6 +44,13 @@ spec: containers: - command: - argocd-application-controller + - --metrics-port={{ .Values.controller.containerPorts.metrics }} + {{- if .Values.controller.metrics.applicationLabels.enabled }} + {{- range .Values.controller.metrics.applicationLabels.labels }} + - --metrics-application-labels + - {{ . }} + {{- end }} + {{- end }} {{- with .Values.controller.args.statusProcessors }} - --status-processors - {{ . | quote }} @@ -76,12 +83,6 @@ spec: - --loglevel - {{ . | quote }} {{- end }} - {{- if .Values.controller.metrics.applicationLabels.enabled }} - {{- range .Values.controller.metrics.applicationLabels.labels }} - - --metrics-application-labels - - {{ . }} - {{- end }} - {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} @@ -232,7 +233,7 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ .Values.controller.containerPort }} + containerPort: {{ .Values.controller.containerPorts.metrics }} protocol: TCP readinessProbe: httpGet: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0c3862de3..6fd9170c4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -51,10 +51,11 @@ spec: command: - entrypoint.sh - argocd-applicationset-controller + - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} + - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} + - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} - - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} - --policy={{ .Values.applicationSet.args.policy }} - --dry-run={{ .Values.applicationSet.args.dryRun }} - --logformat @@ -78,13 +79,13 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.metrics }} protocol: TCP - name: probe - containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.probe }} protocol: TCP - name: webhook - containerPort: 7000 + containerPort: {{ .Values.applicationSet.containerPorts.webhook }} protocol: TCP {{- if .Values.applicationSet.livenessProbe.enabled }} livenessProbe: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 7ee9f8f47..85d586ccc 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -48,9 +48,9 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} command: - argocd-notifications + - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} - - --metrics-port={{ .Values.notifications.metrics.port }} - --namespace={{ .Release.Namespace }} - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} {{- range .Values.notifications.extraArgs }} @@ -66,7 +66,7 @@ spec: {{- end }} ports: - name: metrics - containerPort: {{ .Values.notifications.metrics.port }} + containerPort: {{ .Values.notifications.containerPorts.metrics }} protocol: TCP resources: {{- toYaml .Values.notifications.resources | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 04117ba36..c786d7143 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -53,6 +53,8 @@ spec: - entrypoint.sh args: - argocd-repo-server + - --port={{ .Values.repoServer.containerPorts.server }} + - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} - --logformat - {{ . | quote }} @@ -236,10 +238,10 @@ spec: name: tmp ports: - name: repo-server - containerPort: {{ .Values.repoServer.containerPort }} + containerPort: {{ .Values.repoServer.containerPorts.server }} protocol: TCP - name: metrics - containerPort: 8084 + containerPort: {{ .Values.repoServer.containerPorts.metrics }} protocol: TCP livenessProbe: httpGet: diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 4adcd82d5..a0368023c 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -12,11 +12,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: server - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: server selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index c38d9348f..2f510bc37 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -47,6 +47,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} command: - argocd-server + - --port={{ .Values.server.containerPorts.server }} + - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} - --logformat - {{ . | quote }} @@ -287,16 +289,16 @@ spec: name: extensions {{- end }} ports: - - name: {{ .Values.server.name }} - containerPort: {{ .Values.server.containerPort }} + - name: server + containerPort: {{ .Values.server.containerPorts.server }} protocol: TCP - name: metrics - containerPort: 8083 + containerPort: {{ .Values.server.containerPorts.metrics }} protocol: TCP livenessProbe: httpGet: path: /healthz?full=true - port: {{ .Values.server.containerPort }} + port: server initialDelaySeconds: {{ .Values.server.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.server.livenessProbe.timeoutSeconds }} @@ -305,7 +307,7 @@ spec: readinessProbe: httpGet: path: /healthz - port: {{ .Values.server.containerPort }} + port: server initialDelaySeconds: {{ .Values.server.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.server.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.server.readinessProbe.timeoutSeconds }} diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 1dc041168..879bdb32e 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -19,14 +19,14 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: {{ .Values.server.containerPorts.server }} {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttp }} {{- end }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }} + targetPort: {{ .Values.server.containerPorts.server }} {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttps }} {{- end }} @@ -49,4 +49,4 @@ spec: {{- end }} {{- with .Values.server.service.sessionAffinity }} sessionAffinity: {{ . }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index bd0362b3c..1b3b43380 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -70,13 +70,13 @@ spec: {{- end }} ports: - name: http - containerPort: {{ .Values.dex.containerPortHttp }} + containerPort: {{ .Values.dex.containerPorts.http }} protocol: TCP - name: grpc - containerPort: {{ .Values.dex.containerPortGrpc }} + containerPort: {{ .Values.dex.containerPorts.grpc }} protocol: TCP - name: metrics - containerPort: {{ .Values.dex.containerPortMetrics }} + containerPort: {{ .Values.dex.containerPorts.metrics }} protocol: TCP {{- if .Values.dex.livenessProbe.enabled }} livenessProbe: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 6c6a4dbe5..c2f17a455 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -63,7 +63,7 @@ spec: {{- end }} ports: - name: redis - containerPort: {{ .Values.redis.containerPort }} + containerPort: {{ .Values.redis.containerPorts.redis }} protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} @@ -79,12 +79,12 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} env: - name: REDIS_ADDR - value: {{ printf "redis://localhost:%v" .Values.redis.containerPort }} + value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS - value: {{ printf "0.0.0.0:%v" .Values.redis.metrics.containerPort }} + value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} ports: - name: metrics - containerPort: {{ .Values.redis.metrics.containerPort }} + containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP resources: {{- toYaml .Values.redis.metrics.resources | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5e73d2187..e7207863e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -575,6 +575,11 @@ controller: # cpu: 250m # memory: 256Mi + # Application controller container ports + containerPorts: + # -- Metrics container port + metrics: 8082 + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -587,9 +592,6 @@ controller: drop: - ALL - # -- Application controller listening port - containerPort: 8082 - # Rediness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: @@ -866,6 +868,16 @@ dex: # cpu: 10m # memory: 32Mi + # Dex container ports + # NOTE: These ports are currently hardcoded and cannot be changed + containerPorts: + # -- HTTP container port + http: 5556 + # -- gRPC container port + grpc: 5557 + # -- Metrics container port + metrics: 5558 + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -893,6 +905,7 @@ dex: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + readinessProbe: # -- Enable Kubernetes readiness probe for Dex >= 2.28.0 enabled: false @@ -917,20 +930,14 @@ dex: # -- Automount API credentials for the Service Account automountServiceAccountToken: true - # -- Container port for HTTP access - containerPortHttp: 5556 # -- Service port for HTTP access servicePortHttp: 5556 # -- Service port name for HTTP access servicePortHttpName: http - # -- Container port for gRPC access - containerPortGrpc: 5557 # -- Service port for gRPC access servicePortGrpc: 5557 # -- Service port name for gRPC access servicePortGrpcName: grpc - # -- Container port for metrics access - containerPortMetrics: 5558 # -- Service port for metrics access servicePortMetrics: 5558 @@ -1044,6 +1051,13 @@ redis: seccompProfile: type: RuntimeDefault + # Redis container ports + containerPorts: + # -- Redis container port + redis: 6379 + # -- Metrics container port + metrics: 9121 + # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1052,8 +1066,6 @@ redis: drop: - ALL - # -- Redis container port - containerPort: 6379 # -- Redis service port servicePort: 6379 @@ -1103,8 +1115,6 @@ redis: tag: 1.26.0-debian-10-r2 # -- redis-exporter image PullPolicy imagePullPolicy: IfNotPresent - # -- Port to use for redis-exporter sidecar - containerPort: 9121 # -- Redis exporter security context # @default -- See [values.yaml] @@ -1415,8 +1425,24 @@ server: # cpu: 50m # memory: 64Mi - # -- Configures the server port - containerPort: 8080 + # Server container ports + containerPorts: + # -- Server container port + server: 8080 + # -- Metrics container port + metrics: 8082 + + # -- Server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -1431,6 +1457,7 @@ server: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + livenessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1461,18 +1488,6 @@ server: # -- Priority class for the Argo CD server priorityClassName: "" - # -- Server container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -1546,10 +1561,6 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https - # -- Use named target port for argocd - ## Named target ports are not supported by GCE health checks, so when deploying argocd on GKE - ## and exposing it via GCE ingress, the health checks fail and the load balancer returns a 502. - namedTargetPort: true # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from @@ -1897,8 +1908,24 @@ repoServer: # cpu: 10m # memory: 64Mi - # -- Configures the repo server port - containerPort: 8081 + # Repo server container ports + containerPorts: + # -- Repo server container port + server: 8081 + # -- Metrics container port + metrics: 8084 + + # -- Repo server container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ @@ -1913,6 +1940,7 @@ repoServer: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + livenessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1943,18 +1971,6 @@ repoServer: # -- Priority class for the repo server priorityClassName: "" - # -- Repo server container-level security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. @@ -2105,10 +2121,6 @@ applicationSet: logLevel: "" args: - # -- The default metric address - metricsAddr: :8080 - # -- The default health check port - probeBindAddr: :8081 # -- How application is synced between the generator and the cluster policy: sync # -- Enable dry run mode @@ -2221,6 +2233,15 @@ applicationSet: # cpu: 100m # memory: 128Mi + # ApplicationSet controller container ports + containerPorts: + # -- Metrics container port + metrics: 8080 + # -- Probe container port + probe: 8081 + # -- Webhook container port + webhook: 7000 + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2486,6 +2507,11 @@ notifications: # cpu: 100m # memory: 128Mi + # Notification controller container ports + containerPorts: + # -- Metrics container port + metrics: 9001 + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: From 0f2856ea416ae45e06382e63e2cb9ef083cb318d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 13:18:53 +0100 Subject: [PATCH 041/356] fix(argo-cd): Add missing options for mounting service account tokens (#1787) Signed-off-by: Petr Drastil Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 5 ++--- charts/argo-cd/README.md | 12 +++++++----- charts/argo-cd/values.yaml | 22 +++++++++++----------- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index e75156e7c..8799e3eb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.1 +version: 5.19.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Container port configuration now properly sets the listening port" - - "[Changed]: Container ports consolidated from various places to new containerPorts sections" + - "[Fixed]: Added missing options for automounting service tokens for applicationset and notifications controllers" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ca54a9bce..032436529 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1026,10 +1026,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | | applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | -| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | | applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | @@ -1116,9 +1117,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | | notifications.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | The name of the service account to use. | +| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | | notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e7207863e..7f06a376c 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2205,15 +2205,16 @@ applicationSet: portName: webhook serviceAccount: - # -- Specifies whether a service account should be created + # -- Create ApplicationSet controller service account create: true - # -- Annotations to add to the service account + # -- ApplicationSet controller service account name + name: argocd-applicationset-controller + # -- Annotations applied to created service account annotations: {} # -- Labels applied to created service account labels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true # -- Annotations to be added to ApplicationSet controller Deployment deploymentAnnotations: {} @@ -2537,18 +2538,17 @@ notifications: priorityClassName: "" serviceAccount: - # -- Specifies whether a service account should be created + # -- Create notifications controller service account create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template + # -- Notification controller service account name name: argocd-notifications-controller - # -- Annotations applied to created service account annotations: {} - # -- Labels applied to created service account labels: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + cm: # -- Whether helm chart creates notifications controller config map create: true From adc526612fa553d1e9dfe8c213be6294dc023281 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 21 Jan 2023 20:11:02 +0100 Subject: [PATCH 042/356] fix(argo-cd): Redis service have invalid targetPort (#1792) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/service.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8799e3eb3..b7e63216d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.2 +version: 5.19.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing options for automounting service tokens for applicationset and notifications controllers" + - "[Fixed]: Fixed invalid port on redis service" diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index af273d717..6e949fd4b 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -19,7 +19,7 @@ spec: ports: - name: redis port: {{ .Values.redis.servicePort }} - targetPort: {{ .Values.redis.containerPort }} + targetPort: redis selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.redis.name) | nindent 4 }} {{- end }} From b4de202859d65343dc32d88364aa3dd368ba7d27 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 22 Jan 2023 18:20:30 +0100 Subject: [PATCH 043/356] chore(argo-cd): Decouple Redis exporter from metrics service (#1791) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 +- charts/argo-cd/README.md | 13 ++-- .../argo-cd/templates/redis/deployment.yaml | 10 +-- charts/argo-cd/values.yaml | 67 +++++++++++-------- 4 files changed, 53 insertions(+), 41 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b7e63216d..b39e40b73 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.3 +version: 5.19.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Fixed invalid port on redis service" + - "[Changed]: Decoupled redis metrics exporter from metrics service" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 032436529..41ab164f6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -864,6 +864,12 @@ server: | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | +| redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | +| redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | +| redis.exporter.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | @@ -871,12 +877,7 @@ server: | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | -| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | -| redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | -| redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | -| redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.metrics.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | -| redis.metrics.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | +| redis.metrics.enabled | bool | `false` | Deploy metrics service | | redis.metrics.service.annotations | object | `{}` | Metrics service annotations | | redis.metrics.service.clusterIP | string | `"None"` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | redis.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index c2f17a455..6f23e44e1 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -73,10 +73,10 @@ spec: volumeMounts: {{- toYaml . | nindent 10 }} {{- end }} - {{- if .Values.redis.metrics.enabled }} + {{- if .Values.redis.exporter.enabled }} - name: metrics - image: {{ .Values.redis.metrics.image.repository }}:{{ .Values.redis.metrics.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.metrics.image.imagePullPolicy }} + image: {{ .Values.redis.exporter.image.repository }}:{{ .Values.redis.exporter.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.exporter.image.imagePullPolicy }} env: - name: REDIS_ADDR value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} @@ -87,9 +87,9 @@ spec: containerPort: {{ .Values.redis.containerPorts.metrics }} protocol: TCP resources: - {{- toYaml .Values.redis.metrics.resources | nindent 10 }} + {{- toYaml .Values.redis.exporter.resources | nindent 10 }} securityContext: - {{- toYaml .Values.redis.metrics.containerSecurityContext | nindent 10 }} + {{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }} {{- end }} {{- with .Values.redis.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 7f06a376c..75296bd9d 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -991,6 +991,42 @@ redis: # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent + # Prometheus redis-exporter sidecar + exporter: + # -- Enable Prometheus redis-exporter sidecar + enabled: true + + # Prometheus redis-exporter image + image: + # -- redis-exporter image repository + repository: public.ecr.aws/bitnami/redis-exporter + # -- redis-exporter image tag + tag: 1.26.0-debian-10-r2 + # -- Image pull policy for the Redis exporter + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Redis exporter security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # -- Resource limits and requests for redis-exporter sidecar + resources: {} + # limits: + # cpu: 50m + # memory: 64Mi + # requests: + # cpu: 10m + # memory: 32Mi + # -- Secrets with credentials to pull images from a private registry # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] @@ -1106,36 +1142,10 @@ redis: labels: {} metrics: - # -- Deploy metrics service and redis-exporter sidecar + # -- Deploy metrics service enabled: false - image: - # -- redis-exporter image repository - repository: public.ecr.aws/bitnami/redis-exporter - # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 - # -- redis-exporter image PullPolicy - imagePullPolicy: IfNotPresent - # -- Redis exporter security context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for redis-exporter sidecar - resources: {} - # limits: - # cpu: 50m - # memory: 64Mi - # requests: - # cpu: 10m - # memory: 32Mi + # Redis metrics service configuration service: # -- Metrics service type type: ClusterIP @@ -1149,6 +1159,7 @@ redis: servicePort: 9121 # -- Metrics service port name portName: http-metrics + serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From 885959311f6214bc6da9b461ec89b2d0ef44ea87 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 22 Jan 2023 20:22:41 +0100 Subject: [PATCH 044/356] fix(argo-cd): Fix annotations for ssh and tls configs (#1793) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 2 +- .../argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b39e40b73..200889deb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.4 +version: 5.19.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Decoupled redis metrics exporter from metrics service" + - "[Fixed]: Annotations for tls and ssh sections works as expected" diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 03c306d41..7b8e5d0b8 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -4,7 +4,7 @@ metadata: name: argocd-ssh-known-hosts-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) -}} + {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 8e5c7c884..1ba0176d8 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -4,7 +4,7 @@ metadata: name: argocd-tls-certs-cm labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} - {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) -}} + {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 4befcd5dc55cdeced984241d99785bd877b98add Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Mon, 23 Jan 2023 11:54:32 +0400 Subject: [PATCH 045/356] Update Chart.yaml (#4) Signed-off-by: ilia-medvedev-codefresh Signed-off-by: ilia-medvedev-codefresh --- charts/argo-cd/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ab174773d..f452fffe9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.4.15-cap-CR-15677-rollout-rollback +appVersion: v2.4.15-cap-CR-16709-init-app-proxy description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0-1-cf-init +version: 5.7.0-2-CR-16709-init-app-proxy home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: From 0578482bd69c2cf341e34893e916d638002d546d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 24 Jan 2023 01:15:46 +0100 Subject: [PATCH 046/356] chore(argo-cd): Upgrade Redis exporter image (#1795) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 200889deb..d08ba1c3b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.5 +version: 5.19.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Annotations for tls and ssh sections works as expected" + - "[Changed]: Upgrade Redis exporter image to 1.45.0" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 41ab164f6..04441317d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -868,7 +868,7 @@ server: | redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.exporter.image.tag | string | `"1.26.0-debian-10-r2"` | redis-exporter image tag | +| redis.exporter.image.tag | string | `"1.45.0"` | redis-exporter image tag | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 75296bd9d..76ad809d3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1001,7 +1001,7 @@ redis: # -- redis-exporter image repository repository: public.ecr.aws/bitnami/redis-exporter # -- redis-exporter image tag - tag: 1.26.0-debian-10-r2 + tag: 1.45.0 # -- Image pull policy for the Redis exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 73e6f1913eb5cab2504f906163abe940e622dbbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ole=20Markus=20Kristiansen=20Tern=C3=B8?= <79976935+oterno@users.noreply.github.com> Date: Wed, 25 Jan 2023 22:46:14 +0100 Subject: [PATCH 047/356] feat(argo-events): Added support for extra k8s manifests (#1797) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argo-events): Added support for extra k8s manifests Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> * added value example for extraObjects Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> Signed-off-by: Ole Markus Kristiansen Ternø <79976935+oterno@users.noreply.github.com> --- charts/argo-events/Chart.yaml | 4 +-- charts/argo-events/README.md | 1 + .../templates/extra-manifests.yaml | 4 +++ charts/argo-events/values.yaml | 29 +++++++++++++++++++ 4 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 charts/argo-events/templates/extra-manifests.yaml diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index ece10ef88..757a36088 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.4 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.0.11 +version: 2.1.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Fixed]: Added missing NATS version in values.yaml" + - "[Added]: Additional manifests to deploy within the chart" diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 39b46bf55..48597a864 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -62,6 +62,7 @@ done | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `false` | Create clusterroles that extend existing clusterroles to interact with argo-events crds Only applies for cluster-wide installation (`controller.rbac.namespaced: false`) | +| extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override "argo-events.fullname" template | | global.additionalLabels | object | `{}` | Additional labels to add to all resources | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | diff --git a/charts/argo-events/templates/extra-manifests.yaml b/charts/argo-events/templates/extra-manifests.yaml new file mode 100644 index 000000000..a9bb3b6ba --- /dev/null +++ b/charts/argo-events/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraObjects }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index c24368512..89a7323d7 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -99,6 +99,35 @@ configs: configReloaderImage: natsio/nats-server-config-reloader:latest startCommand: /nats-server +# -- Array of extra K8s manifests to deploy +## Note: Supports use of custom Helm templates +extraObjects: [] + # - apiVersion: secrets-store.csi.x-k8s.io/v1 + # kind: SecretProviderClass + # metadata: + # name: argo-events-secrets-store + # spec: + # provider: aws + # parameters: + # objects: | + # - objectName: "argo-events" + # objectType: "secretsmanager" + # jmesPath: + # - path: "client_id" + # objectAlias: "client_id" + # - path: "client_secret" + # objectAlias: "client_secret" + # secretObjects: + # - data: + # - key: client_id + # objectName: client_id + # - key: client_secret + # objectName: client_secret + # secretName: argo-events-secrets-store + # type: Opaque + # labels: + # app.kubernetes.io/part-of: argocd + ## Argo Events controller controller: # -- Argo Events controller name string From 9fb1f9d0913faaa51a6e07e1a058939a5ff4b8ea Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 26 Jan 2023 17:22:40 +0900 Subject: [PATCH 048/356] chore(argo-cd): Update Argo CD to v2.5.8 (#1798) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d08ba1c3b..6c2ab6d23 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.7 +appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.6 +version: 5.19.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Upgrade Redis exporter image to 1.45.0" + - "[Changed]: Update Argo CD to v2.5.8" From 5335a75fbcbb8bdd87d19fa088c9420a0ea8f990 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 26 Jan 2023 13:06:19 +0100 Subject: [PATCH 049/356] fix(argo-cd): Disable Redis exporter by default (#1799) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 14 ++++++++------ charts/argo-cd/values.yaml | 27 ++++++++++++++++----------- 3 files changed, 28 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6c2ab6d23..06a52a3a3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.7 +version: 5.19.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,6 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.8" + - "[Changed]: Disable Redis exporter by default" + - "[Changed]: Use bitnami Redis exporter image for redis-ha" + - "[Docs]: Fixed defaults for Redis exporter" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04441317d..5d7cb0d79 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -865,14 +865,14 @@ server: | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | | redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | -| redis.exporter.enabled | bool | `true` | Enable Prometheus redis-exporter sidecar | -| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Redis exporter | -| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | -| redis.exporter.image.tag | string | `"1.45.0"` | redis-exporter image tag | +| redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | +| redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | -| redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | +| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | @@ -927,7 +927,9 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | -| redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | +| redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 76ad809d3..ec37a3f88 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -988,21 +988,21 @@ redis: repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.5-alpine - # -- Redis imagePullPolicy - imagePullPolicy: IfNotPresent + # -- Redis image pull policy + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" - # Prometheus redis-exporter sidecar + ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar - enabled: true - - # Prometheus redis-exporter image + enabled: false + ## Prometheus redis-exporter image image: - # -- redis-exporter image repository + # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter - # -- redis-exporter image tag + # -- Tag to use for the redis-exporter tag: 1.45.0 - # -- Image pull policy for the Redis exporter + # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1190,9 +1190,14 @@ redis: redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Prometheus redis-exporter sidecar exporter: - # -- If `true`, the prometheus exporter sidecar is enabled - enabled: true + # -- Enable Prometheus redis-exporter sidecar + enabled: false + # -- Repository to use for the redis-exporter + image: public.ecr.aws/bitnami/redis-exporter + # -- Tag to use for the redis-exporter + tag: 1.45.0 persistentVolume: # -- Configures persistency on Redis nodes enabled: false From 36cd83081cfaf4d2f83c737e007563710dfc5869 Mon Sep 17 00:00:00 2001 From: Wojciech Date: Fri, 27 Jan 2023 15:45:49 +0100 Subject: [PATCH 050/356] feat(argo-cd): Add log settings and extraArgs to Slack bot (#1802) * Add log settings and extraArgs to Slack bot Signed-off-by: duxet * Fix readme Signed-off-by: duxet --------- Signed-off-by: duxet --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 3 +++ .../argocd-notifications/bots/slack/deployment.yaml | 5 +++++ charts/argo-cd/values.yaml | 10 ++++++++++ 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06a52a3a3..2b9d215f2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.8 +version: 5.19.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,6 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Disable Redis exporter by default" - - "[Changed]: Use bitnami Redis exporter image for redis-ha" - - "[Docs]: Fixed defaults for Redis exporter" + - "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5d7cb0d79..54a11752f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1054,10 +1054,13 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | +| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | | notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | | notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | | notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` | +| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` | | notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | | notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | | notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index da9346072..90fcf78ce 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -40,6 +40,11 @@ spec: command: - argocd-notifications - bot + - --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }} + - --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }} + {{- range .Values.notifications.bots.slack.extraArgs }} + - {{ . | squote }} + {{- end }} workingDir: /app ports: - containerPort: 8080 diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index ec37a3f88..1a6bdda4e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2881,6 +2881,16 @@ notifications: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # -- Slack bot log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Slack bot log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + + # -- List of extra cli args to add for Slack bot + extraArgs: [] + service: # -- Service annotations for Slack bot annotations: {} From 790438efebf423c2d56cb4b93471f4adb3fcd448 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 28 Jan 2023 00:18:43 +0100 Subject: [PATCH 051/356] chore(argo-cd): Upgrade redis to 7.0.7 to avoid CVE-2022-3996 (#1803) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2b9d215f2..fb2674928 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.8 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.9 +version: 5.19.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" + - "[Security]: Upgrade redis to 7.0.7 to avoid CVE-2022-3996" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 54a11752f..a7c8c287c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -874,7 +874,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -932,7 +932,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1a6bdda4e..5cff81684 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -987,7 +987,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.7-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1218,7 +1218,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.5-alpine + tag: 7.0.7-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From 369136b69a7c41c395a8d701195333708b4d6459 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 28 Jan 2023 22:40:50 +0900 Subject: [PATCH 052/356] chore(argo-cd): Update Argo CD to v2.5.9 (#1805) --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fb2674928..4056760bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.8 +appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.10 +version: 5.19.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Security]: Upgrade redis to 7.0.7 to avoid CVE-2022-3996" + - "[Changed]: Update Argo CD to v2.5.9" From 231cfcb20a92a66ad6de5e3f8faaa420c810c854 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 06:16:13 -0600 Subject: [PATCH 053/356] chore(argo-events): Upgrade Argo Events to v1.7.5 (#1809) --- charts/argo-events/Chart.yaml | 6 +++--- .../templates/argo-events-controller/rbac.yaml | 12 +++++++++++- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 757a36088..c98ab3ae2 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.4 +appVersion: v1.7.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.0 +version: 2.1.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Additional manifests to deploy within the chart" + - "[Changed]: Update Argo Events to v1.7.5" diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index c69c44198..1d9a2e558 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -71,7 +71,6 @@ rules: - pods - pods/exec - configmaps - - secrets - services - persistentvolumeclaims verbs: @@ -82,6 +81,17 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - get + - list + - update + - patch + - delete - apiGroups: - apps resources: From c7b972c3afb283c50b250ea9856760c9f5539b35 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 00:23:04 +0900 Subject: [PATCH 054/356] fix(argo-cd): Align changelog structure to show changelogs on Artifact Hub (#1810) fixed(argo-cd): Align changelog structure to show changelogs on Artifact Hub Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4056760bd..8f9c7d792 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.11 +version: 5.19.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,4 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo CD to v2.5.9" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From b6922aed2fc4d87a162e23f64dd8d36410031b41 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 01:01:21 +0900 Subject: [PATCH 055/356] fix(github): Align changelog structure to show changelogs on Artifact Hub (#1811) fix(doc): Align changelog structure to show changelogs on Artifact Hub Signed-off-by: yu-croco --- CONTRIBUTING.md | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f8753d60b..535bbbb39 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -80,21 +80,35 @@ Changes on a chart must be documented in a chart specific changelog in the `Char A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release. -Each change requires a new bullet point following the pattern `- "[{type}]: {description}"`. You can use the following template: +Each change requires a new bullet point following the pattern. See more information [Artifact Hub annotations in Helm Chart.yaml file](https://artifacthub.io/docs/topics/annotations/helm/). + +```yaml +- kind: {type} + description: {description} +``` + +You can use the following template: ```yaml name: argo-cd -version: 3.4.1 +version: 5.19.12 ... annotations: artifacthub.io/changes: | - - "[Added]: Something New was added" - - "[Changed]: Changed Something within this chart" - - "[Changed]: Changed Something else within this chart" - - "[Deprecated]: Something deprecated" - - "[Removed]: Something was removed" - - "[Fixed]: Something was fixed" - - "[Security]: Some Security Patch was included" + - kind: added + description: Something New was added + - kind: changed + description: Changed Something within this chart + - kind: changed + description: Changed Something else within this chart + - kind: deprecated + description: Something deprecated + - kind: removed + description: Something was removed + - kind: fixed + description: Something was fixed + - kind: security + description: Some Security Patch was included ``` ## Testing From bdbfaa25233e7db0a3c0a3c1b440b0146e2955b4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 30 Jan 2023 03:48:27 +0900 Subject: [PATCH 056/356] fix(argo-workflows): Align changelog structure to show changelogs on Artifact Hub (#1812) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 25aa9fd67..37846bed1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.8 +version: 0.22.9 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Helm helper function to allow image registry to be absent" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 4c018a495450e9de40d9b24b32c1dcc557449bf3 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 12:59:32 -0600 Subject: [PATCH 057/356] fix(argocd-image-updater): Align changelog structure (#1816) --- charts/argocd-image-updater/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5147ea828..c88296f12 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.2 +version: 0.8.3 appVersion: v0.12.0 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: avoid app.kubernetes.io/version kubernetes label from exceeding maximum length (63)" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From f299ae3025f547c150a0d031db36382988fc01d1 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:07:33 -0600 Subject: [PATCH 058/356] fix(argo-events): Align changelog structure (#1813) relates to #1808 Was fixed already for [argo-cd](https://github.com/argoproj/argo-helm/pull/1810) and [argo-workflows](https://github.com/argoproj/argo-helm/pull/1812) Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c98ab3ae2..160f6cf63 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.5 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.1 +version: 2.1.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Update Argo Events to v1.7.5" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From e3ae99b74db033c659f1962392ca14a107af730b Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:14:11 -0600 Subject: [PATCH 059/356] fix(argo-rollouts): Align changelog structure (#1814) relates to #1808 Signed-off-by: jmeridth --- charts/argo-rollouts/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a9968a4f4..2beb83ffa 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.1 +version: 2.22.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,4 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Flags to toggle provider-specific RBAC rules in Role and ClusterRole" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 8a1c4f0ad6cad127e7148509a5087a1a5bf51075 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 29 Jan 2023 13:17:35 -0600 Subject: [PATCH 060/356] fix(argocd-apps): Align changelog structure (#1815) relates to #1808 Signed-off-by: jmeridth Co-authored-by: Petr Drastil --- charts/argocd-apps/Chart.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 4f2d82bef..422dc6867 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.6 +version: 0.0.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,4 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Added]: Changelog link on README" + - kind: fixed + description: Align changelog structure to show changelogs on Artifact Hub From 28abc348ac60863cca9f099d4e33ab209c1a96aa Mon Sep 17 00:00:00 2001 From: Ben Hayden Date: Wed, 1 Feb 2023 15:07:07 -0600 Subject: [PATCH 061/356] chore(argocd-image-updater): Update Argo CD Image Updater to v0.12.2 (#1819) Signed-off-by: Ben Hayden --- charts/argocd-image-updater/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index c88296f12..5d599c41b 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.3 -appVersion: v0.12.0 +version: 0.8.4 +appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Update Argo CD Image Updater to v0.12.2 From 92f83fca3ef11fe1ba144bd106867ff23435ebeb Mon Sep 17 00:00:00 2001 From: ArsenyBelorukov <52857617+ArsenyBelorukov@users.noreply.github.com> Date: Thu, 2 Feb 2023 04:11:10 +0000 Subject: [PATCH 062/356] fix(argo-cd): fixed maxUnavailable value in redis-PDB (#1820) fixed maxUnavailable value in redis-PDB Signed-off-by: ArsenyBelorukov Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/redis/pdb.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8f9c7d792..118ed99e5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.9 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.12 +version: 5.19.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + description: Fixed maxUnavailable value in redis-PDB diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 8be05f938..223c57589 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} {{- end }} spec: - {{- with .Values.dex.pdb.maxUnavailable }} + {{- with .Values.redis.pdb.maxUnavailable }} maxUnavailable: {{ . }} {{- else }} minAvailable: {{ .Values.redis.pdb.minAvailable | default 0 }} From 9591bf1023b38da6d6c03412b4c38e92a66cdeb1 Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Thu, 2 Feb 2023 14:54:39 +0200 Subject: [PATCH 063/356] Update chart to 5.16.0 (#5) * feat(argo-cd): Upgrade Argo CD to 2.5.0 (#1568) Signed-off-by: Petr Drastil * chore(github): Bump GitHub actions versions (#1575) Signed-off-by: Petr Drastil * fix(argo-cd): Chart NOTES nil references (#1582) Signed-off-by: Filipe Santos * docs(argo-cd): Improve documentation (#1584) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil * fix(argo-workflows): serviceaccount rbac when sso is enabled (#1586) Signed-off-by: Nick Fisher Signed-off-by: Nick Fisher * Fix incorrect applicationSet property in README (#1590) Based on [here](https://github.com/argoproj/argo-helm/blob/55b8b34d20ebaf38fa05e1113daf30220d11e725/charts/argo-cd/templates/argocd-applicationset/deployment.yaml#L9), I think `replicas` should be `replicaCount` (though `replicas` would be more consistent). Signed-off-by: Ashlin Eldridge Signed-off-by: Ashlin Eldridge * fix(argo-cd): Remove AWS volume from server (#1591) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil * chore(argo-cd): Cleanup Redis manifest (#1577) Signed-off-by: Petr Drastil * fix(argo-cd): Fix migration path for server configs (#1585) Signed-off-by: Petr Drastil * fix(argo-cd): Type conversion for ConfigMaps values (#1594) Signed-off-by: Petr Drastil * feat(argo-cd): Add probes for ApplicationSet controller (#1532) Signed-off-by: Petr Drastil * chore(argo-cd): Remove liveness probe from application controller (#1581) Signed-off-by: Petr Drastil * chore(github): Add dependabot.yml (#1595) Signed-off-by: Petr Drastil * feat(argo-cd): Set container security contexts (#1579) Signed-off-by: Petr Drastil * feat(argo-cd): Support custom TLS certificates for Dex (#1477) Signed-off-by: Petr Drastil * feat(argo-cd): Support manually managed TLS certificate for Server (#1534) Signed-off-by: Petr Drastil * fix(argo-cd): Don't install CRDs for disabled components (#1596) Signed-off-by: Marco Kilchhofer * fix(argo-cd): update network policy port name (#1603) Signed-off-by: Eric Cimino * chore(argo-workflows): Update ArgoWorkflows to v3.4.3 (#1610) Signed-off-by: yu-croco * fix(argo-cd): Replace coalesce with merge for old config values (#1612) Signed-off-by: Petr Drastil * feat(argo-cd): Add revisionHistoryLimit (#1599) Signed-off-by: Petr Drastil * Upgrade Argo Image to the latest (#1614) Signed-off-by: Dong Wang Signed-off-by: Dong Wang * chore(argo-cd): Update redis-ha (#1617) Signed-off-by: yu-croco * fix(argo-cd): Add /tmp voulmeMount to extensions container (#1620) * Fixes #1619 - Add /tmp voulmeMount to extensions container Signed-off-by: Tim Van de Walle * Bump version, add change notes Signed-off-by: Tim Van de Walle Signed-off-by: Tim Van de Walle * fix(argo-cd): Add missing ClusterRole permissions to argo-cd-server to manage Application in all namespaces (#1621) Signed-off-by: Elad Dolev * fix(argo-cd): Use Dex non-distroless image (#1626) Signed-off-by: Petr Drastil * chore(argo-cd): Upgrade Argo CD to 2.5.2 (#1628) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil * Allow to add custom artifact repository (#1453) Signed-off-by: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> Signed-off-by: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> * fix(argo-cd): Use raw json for cluster credentials for Vault compatibility (#1634) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil Co-authored-by: Aikawa * fix(argo-cd): Cluster credentials config should be a string (#1636) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil * fix(argo-workflows): Added missing attribute for sso (#1641) Signed-off-by: yu-croco * docs(argo-cd): Improve changelog information (#1652) Signed-off-by: Petr Drastil Signed-off-by: Petr Drastil * chore(argo-cd): Consolidated GnuPG configuration (#1609) Signed-off-by: Petr Drastil * fix(argo-cd): Invalid argocd-gpg-keys-cm template (#1656) The template removed a little too much whitespace resulting in an invalid ConfigMap. Error: ``` Error: YAML parse error on argocd/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml: error converting YAML to JSON: yaml: line 10: mapping values are not allowed in this context ``` Signed-off-by: Allex Signed-off-by: Allex * feat(argo-workflows): Allow controller to whitelist secrets (#1646) * allow users to whitelist secrets Signed-off-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> * remove unnecessary if-statement Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> * use square bracket for array Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> * fix typo and update readme Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> Signed-off-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> Co-authored-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> * feat(argo-workflows): Add labels for ServiceAccounts (#1665) * Add labels for ServiceAccounts Signed-off-by: Eugene Lugovtsov * fix workflow serviceaccount labels Signed-off-by: Eugene Lugovtsov * fix docs Signed-off-by: Eugene Lugovtsov Signed-off-by: Eugene Lugovtsov * fix(argo-cd): deprecate server.extraArgs."--insecure" (#1669) Signed-off-by: GitHub Signed-off-by: GitHub * chore(argo-workflows): Support workflow retention (#1668) Signed-off-by: yu-croco * feat(argo-cd): Upgrade argocd to v2.5.3 (#1671) Signed-off-by: smcavallo * fix helm install md (#1672) Signed-off-by: fsl <1171313930@qq.com> Signed-off-by: fsl <1171313930@qq.com> * feat(argo-cd): Add Repo Server strict TLS cert support (#1673) Signed-off-by: Karl Parry * chore(argo-workflows): Update Argo Workflows to v3.4.4 (#1674) Signed-off-by: yu-croco * fix(argo-cd): Rename tls secret to include the -secret suffix (#1676) - "[Fixed]: TLS secret name so Dex correctly generates the checksum for argocd-dex-server-tls." - "[Fixed]: Standardise the naming convention of the TLS secret manifests." - "[Added]: Add checksum to Repo-Server for the argocd-repo-server-tls secret." Signed-off-by: Karl Parry * chore(argo-cd): Remove duplicate ApplicationSet features (#1598) Signed-off-by: Petr Drastil * feat(argo-cd): Add ability to annotate Deployments and StatefulSets (#1608) * feat(argo-cd): Add ability to annotate Deployments and StatefulSets Signed-off-by: John Stewart * fix: Controller and AppSet controller was mixed Signed-off-by: Marco Kilchhofer Signed-off-by: John Stewart Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer * chart update WIP * backport applicationset * backport applicationset * argocd 2.5.5 --------- Signed-off-by: Petr Drastil Signed-off-by: Filipe Santos Signed-off-by: Nick Fisher Signed-off-by: Ashlin Eldridge Signed-off-by: Marco Kilchhofer Signed-off-by: Eric Cimino Signed-off-by: yu-croco Signed-off-by: Dong Wang Signed-off-by: Tim Van de Walle Signed-off-by: Elad Dolev Signed-off-by: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> Signed-off-by: Allex Signed-off-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> Signed-off-by: emmayylu <44856279+emmayylu@users.noreply.github.com> Signed-off-by: Eugene Lugovtsov Signed-off-by: GitHub Signed-off-by: smcavallo Signed-off-by: fsl <1171313930@qq.com> Signed-off-by: Karl Parry Signed-off-by: John Stewart Co-authored-by: Petr Drastil Co-authored-by: Filipe Co-authored-by: Nick Fisher Co-authored-by: Ashlin Eldridge Co-authored-by: Marco Kilchhofer Co-authored-by: Eric Cimino <58572548+cimin0@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: Dong Wang Co-authored-by: tvandewalle <1022306+tvandewalle@users.noreply.github.com> Co-authored-by: Elad Dolev Co-authored-by: Max Kochubey <20810306+maxkochubey@users.noreply.github.com> Co-authored-by: Allex Co-authored-by: emmayylu <44856279+emmayylu@users.noreply.github.com> Co-authored-by: emmayylu <84873428+yolu-kxs@users.noreply.github.com> Co-authored-by: Eugene Lugovtsov <34510252+EugeneLugovtsov@users.noreply.github.com> Co-authored-by: Zadkiel Aharonian Co-authored-by: smcavallo Co-authored-by: fsl <1171313930@qq.com> Co-authored-by: Karl Parry <88431088+karlparry@users.noreply.github.com> Co-authored-by: John Stewart <32647598+jstewart612@users.noreply.github.com> --- .github/dependabot.yml | 8 + .github/workflows/lint-and-test.yml | 5 +- .github/workflows/pr-title.yml | 2 +- CONTRIBUTING.md | 2 +- charts/argo-cd/Chart.lock | 6 +- charts/argo-cd/Chart.yaml | 11 +- charts/argo-cd/README.md | 123 ++++-- charts/argo-cd/README.md.gotmpl | 40 +- charts/argo-cd/templates/NOTES.txt | 28 +- charts/argo-cd/templates/_helpers.tpl | 25 +- .../networkpolicy.yaml | 2 +- .../statefulset.yaml | 77 ++-- .../argocd-applicationset/deployment.yaml | 2 +- .../templates/argocd-applicationset/role.yaml | 23 +- .../templates/argocd-configs/argocd-cm.yaml | 6 +- .../argocd-dex-server-tls-secret.yaml | 24 ++ .../argocd-configs/argocd-gpg-keys-cm.yaml | 4 +- .../argocd-configs/argocd-rbac-cm.yaml | 6 +- .../argocd-repo-server-tls-secret.yaml | 24 ++ .../argocd-server-tls-secret.yaml | 21 + .../argocd-configs/argocd-styles-cm.yaml | 4 +- .../argocd-configs/cluster-secrets.yaml | 2 +- .../bots/slack/deployment.yaml | 36 +- .../argocd-notifications/deployment.yaml | 31 +- .../argocd-repo-server/deployment.yaml | 119 ++++-- .../templates/argocd-server/certificate.yaml | 10 +- .../templates/argocd-server/clusterrole.yaml | 19 +- .../templates/argocd-server/deployment.yaml | 131 +++--- .../argo-cd/templates/argocd-server/role.yaml | 3 +- .../templates/crds/crd-application.yaml | 30 +- .../templates/crds/crd-applicationset.yaml | 236 ++++++++++- .../argo-cd/templates/crds/crd-extension.yaml | 2 +- .../argo-cd/templates/crds/crd-project.yaml | 10 + charts/argo-cd/templates/dex/deployment.yaml | 54 ++- .../argo-cd/templates/redis/deployment.yaml | 129 +++--- charts/argo-cd/values.yaml | 378 ++++++++++++------ charts/argo-workflows/Chart.yaml | 6 +- charts/argo-workflows/README.md | 6 + charts/argo-workflows/README.md.gotmpl | 4 +- .../workflow-controller-cluster-roles.yaml | 11 + .../workflow-controller-config-map.yaml | 7 + .../controller/workflow-controller-sa.yaml | 3 + .../templates/controller/workflow-sa.yaml | 3 + .../server/server-cluster-roles.yaml | 6 +- .../templates/server/server-sa.yaml | 3 + charts/argo-workflows/values.yaml | 28 ++ scripts/lint.sh | 2 +- 47 files changed, 1221 insertions(+), 491 deletions(-) create mode 100644 .github/dependabot.yml mode change 100755 => 100644 charts/argo-cd/templates/argocd-application-controller/statefulset.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..0a4fd6ca4 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +## Reference: https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: weekly + day: "saturday" diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 5a7e2596e..37382e68c 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -26,10 +26,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.3.0 + uses: helm/chart-testing-action@v2.3.1 with: # Note: Also update in scripts/lint.sh - version: v3.7.0 + version: v3.7.1 - name: List changed charts id: list-changed @@ -41,6 +41,7 @@ jobs: echo "::set-output name=changed::true" echo "::set-output name=changed_charts::$charts" fi + - name: Run chart-testing (lint) run: ct lint --debug --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} --lint-conf ./.github/configs/lintconf.yaml diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index f42d814f6..a636b08bd 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v4 + - uses: amannn/action-semantic-pull-request@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 36ef70b68..49c0577bc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -93,7 +93,7 @@ helm dependency update Minimally: ``` -helm install charts/argo-cd --namespace argocd -n argo-cd +helm install argocd argo/argo-cd -n argocd --create-namespace kubectl port-forward service/argo-cd-argocd-server -n argocd 8080:443 ``` diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index 72afb4020..7a069ce95 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.2 -digest: sha256:b6dc7774d0cc20a7a889d10e61f3dd653bdacd7836558f4875688b5cb5051d80 -generated: "2022-09-19T12:39:19.736045+02:00" + version: 4.22.3 +digest: sha256:ef6269e4e073dad10c230ccfb069fc013608111c895c5e7568450bb3967cf195 +generated: "2022-11-03T12:04:33.673857+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f452fffe9..7b9d885e3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,9 @@ apiVersion: v2 -appVersion: v2.4.15-cap-CR-16709-init-app-proxy +appVersion: v2.5.5-cap-CR-16950 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.7.0-2-CR-16709-init-app-proxy +version: 5.16.0-2-cap-CR-16950 +kubeVersion: ">=1.22.0-0" home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -17,11 +18,9 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.2 + version: 4.22.3 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Added]: Configuration sections configs.cm and configs.rbac" - - "[Deprecated]: Generic configuration via server.config" - - "[Deprecated]: Argo RBAC configuration via server.rbacConfig" + - "[Added]: Ability to annotate Deployment and Statefulset objects for all components" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b71caef2e..4fc8def08 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -11,7 +11,7 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). -If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. +If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative setup] of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability @@ -42,7 +42,7 @@ repoServer: minReplicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### HA mode without autoscaling @@ -61,7 +61,7 @@ repoServer: replicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### Synchronizing Changes from Original Repository @@ -84,8 +84,6 @@ git diff v1.8.7 v2.0.0 -- manifests/install.yaml Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/templates/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/templates/crds). -## Upgrading - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -101,6 +99,32 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref==1.22.0-0` - Helm v3.0.0+ ## Installing the Chart @@ -333,7 +357,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | -| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of certmanager resources rendered by this helm chart | +| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | apiVersionOverrides.ingress | string | `""` | String to override apiVersion of ingresses rendered by this helm chart | | apiVersionOverrides.pdb | string | `""` | String to override apiVersion of pod disruption budgets rendered by this helm chart | @@ -351,7 +375,8 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| global.additionalLabels | object | `{}` | Additional labels to add to all resources | +| global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/codefresh/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -363,25 +388,28 @@ NAME: my-release | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | -| global.securityContext | object | `{}` | Toggle and define securityContext. See [values.yaml] | +| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | +| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | +| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | ## Argo CD Configs | Key | Type | Default | Description | |-----|------|---------|-------------| | configs.clusterCredentials | list | `[]` (See [values.yaml]) | Provide one or multiple [external cluster credentials] | -| configs.cm."admin.enabled" | string | `"true"` | Enable local admin user | +| configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | -| configs.cm."exec.enabled" | string | `"false"` | Enable exec feature in Argo UI | -| configs.cm."server.rbac.log.enforce.enable" | string | `"false"` | Enable logs RBAC enforcement | -| configs.cm."timeout.hard.reconciliation" | string | `"0"` | Timeout to refresh application data as well as target manifests cache | +| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | +| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | +| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | -| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [Declarative setup] | +| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | +| configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | -| configs.gpgKeys | object | `{}` (See [values.yaml]) | [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring | -| configs.gpgKeysAnnotations | object | `{}` | GnuPG key ring annotations | +| configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | +| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | | configs.knownHosts.data.ssh_known_hosts | string | See [values.yaml] | Known Hosts | | configs.knownHostsAnnotations | object | `{}` | Known Hosts configmap annotations | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | @@ -408,7 +436,6 @@ NAME: my-release | configs.secret.annotations | object | `{}` | Annotations to be added to argocd-secret | | configs.secret.argocdServerAdminPassword | string | `""` | Bcrypt hashed admin password | | configs.secret.argocdServerAdminPasswordMtime | string | `""` (defaults to current time) | Admin password modification time. Eg. `"2006-01-02T15:04:05Z"` | -| configs.secret.argocdServerTlsConfig | object | `{}` | Argo TLS Data | | configs.secret.bitbucketServerSecret | string | `""` | Shared secret for authenticating BitbucketServer webhook events | | configs.secret.bitbucketUUID | string | `""` | UUID for authenticating Bitbucket webhook events | | configs.secret.createSecret | bool | `true` | Create the argocd-secret | @@ -430,7 +457,7 @@ NAME: my-release | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPort | int | `8082` | Application controller listening port | -| controller.containerSecurityContext | object | `{}` | Application controller container-level security context | +| controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | @@ -440,11 +467,6 @@ NAME: my-release | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | | controller.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | controller.initContainers | list | `[]` | Init containers to add to the application controller pod | -| controller.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | -| controller.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | -| controller.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | -| controller.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | -| controller.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | @@ -486,6 +508,7 @@ NAME: my-release | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | +| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -502,11 +525,18 @@ NAME: my-release | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | +| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret | +| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | +| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) | +| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | +| repoServer.certificateSecret.key | string | `""` | Certificate private key | +| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.clusterAdminAccess.enabled | bool | `false` | Enable RBAC for local cluster deployments | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | -| repoServer.containerSecurityContext | object | `{}` | Repo server container-level security context | +| repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | +| repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | @@ -585,9 +615,9 @@ NAME: my-release | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | -| server.certificate.additionalHosts | list | `[]` | Certificate manager additional hosts | +| server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | | server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | -| server.certificate.duration | string | `""` | The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | @@ -596,13 +626,20 @@ NAME: my-release | server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | -| server.certificate.renewBefore | string | `""` | How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration | +| server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | +| server.certificateSecret.crt | string | `""` | Certificate data | +| server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | +| server.certificateSecret.key | string | `""` | Private Key of the certificate | +| server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | -| server.containerSecurityContext | object | `{}` | Servers container-level security context | +| server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | +| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | +| server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | | server.extensions.enabled | bool | `false` | Enable support for Argo UI extensions | | server.extensions.image.imagePullPolicy | string | `"IfNotPresent"` | Image pull policy for extensions | | server.extensions.image.repository | string | `"ghcr.io/argoproj-labs/argocd-extensions"` | Repository to use for extensions image | @@ -733,10 +770,17 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| | dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | +| dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | +| dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | +| dex.certificateSecret.enabled | bool | `false` | Create argocd-dex-server-tls secret | +| dex.certificateSecret.key | string | `""` | Certificate private key | +| dex.certificateSecret.labels | object | `{}` | Labels to be added to argocd-dex-server-tls secret | | dex.containerPortGrpc | int | `5557` | Container port for gRPC access | | dex.containerPortHttp | int | `5556` | Container port for HTTP access | | dex.containerPortMetrics | int | `5558` | Container port for metrics access | -| dex.containerSecurityContext | object | `{}` | Dex container-level security context | +| dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | +| dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -744,7 +788,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.3-distroless"` | Dex image tag | +| dex.image.tag | string | `"v2.35.3"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | @@ -809,7 +853,8 @@ server: |-----|------|---------|-------------| | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | redis.containerPort | int | `6379` | Redis container port | -| redis.containerSecurityContext | object | `{}` | Redis container-level security context | +| redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | +| redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -817,10 +862,11 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"quay.io/codefresh/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.4-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | +| redis.metrics.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.metrics.enabled | bool | `false` | Deploy metrics service and redis-exporter sidecar | | redis.metrics.image.imagePullPolicy | string | `"IfNotPresent"` | redis-exporter image PullPolicy | | redis.metrics.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | redis-exporter image repository | @@ -853,7 +899,7 @@ server: | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | | redis.priorityClassName | string | `""` | Priority class for redis | | redis.resources | object | `{}` | Resource limits and requests for redis | -| redis.securityContext | object | `{"runAsNonRoot":true,"runAsUser":999}` | Redis pod-level security context | +| redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | | redis.service.labels | object | `{}` | Additional redis service labels | | redis.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -985,7 +1031,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | -| notifications.bots.slack.containerSecurityContext | object | `{}` | Container Security Context | +| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | | notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | @@ -998,7 +1044,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | | notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| notifications.bots.slack.securityContext | object | `{"runAsNonRoot":true}` | Pod Security Context | | notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | | notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | | notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | @@ -1006,10 +1051,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | | notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | -| notifications.bots.slack.updateStrategy | object | `{"type":"Recreate"}` | The deployment strategy to use to replace existing pods with new ones | | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | -| notifications.containerSecurityContext | object | `{}` | Container Security Context | +| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | +| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `false` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | @@ -1064,10 +1109,12 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ +[changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters -[Declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup +[declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup [gRPC-ingress]: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/ +[GnuPG]: https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/ [HPA]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ [MetricRelabelConfigs]: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 0fb649cdd..a844449af 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -10,7 +10,7 @@ This is a **community maintained** chart. This chart installs [argo-cd](https:// The default installation is intended to be similar to the provided Argo CD [releases](https://github.com/argoproj/argo-cd/releases). -If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative set up](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/) of Argo CD. +If you want to avoid including sensitive information unencrypted (clear text) in your version control, make use of the [declarative setup] of Argo CD. For instance, rather than adding repositories and their keys in your Helm values, you could deploy [SealedSecrets](https://github.com/bitnami-labs/sealed-secrets) with contents as seen in this [repositories section](https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories) or any other secrets manager service (i.e. HashiCorp Vault, AWS/GCP Secrets Manager, etc.). ## High Availability @@ -41,7 +41,7 @@ repoServer: minReplicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### HA mode without autoscaling @@ -60,7 +60,7 @@ repoServer: replicas: 2 applicationSet: - replicas: 2 + replicaCount: 2 ``` ### Synchronizing Changes from Original Repository @@ -83,8 +83,6 @@ git diff v1.8.7 v2.0.0 -- manifests/install.yaml Changes in the `CustomResourceDefinition` resources shall be fixed easily by copying 1:1 from the [`manifests/crds` folder](https://github.com/argoproj/argo-cd/tree/master/manifests/crds) into this [`charts/argo-cd/templates/crds` folder](https://github.com/argoproj/argo-helm/tree/master/charts/argo-cd/templates/crds). -## Upgrading - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -100,6 +98,32 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=` + keys: {} + # 4AEE18F83AFDEB23: | + # -----BEGIN PGP PUBLIC KEY BLOCK----- + # ... + # -----END PGP PUBLIC KEY BLOCK----- + + # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: @@ -244,30 +283,6 @@ configs: # insecure: false # caData: "" - # -- GnuPG key ring annotations - gpgKeysAnnotations: {} - # -- [GnuPG](https://argo-cd.readthedocs.io/en/stable/user-guide/gpg-verification/) keys to add to the key ring - # @default -- `{}` (See [values.yaml]) - gpgKeys: {} - # 4AEE18F83AFDEB23: | - # -----BEGIN PGP PUBLIC KEY BLOCK----- - # - # mQENBFmUaEEBCACzXTDt6ZnyaVtueZASBzgnAmK13q9Urgch+sKYeIhdymjuMQta - # x15OklctmrZtqre5kwPUosG3/B2/ikuPYElcHgGPL4uL5Em6S5C/oozfkYzhwRrT - # SQzvYjsE4I34To4UdE9KA97wrQjGoz2Bx72WDLyWwctD3DKQtYeHXswXXtXwKfjQ - # 7Fy4+Bf5IPh76dA8NJ6UtjjLIDlKqdxLW4atHe6xWFaJ+XdLUtsAroZcXBeWDCPa - # buXCDscJcLJRKZVc62gOZXXtPfoHqvUPp3nuLA4YjH9bphbrMWMf810Wxz9JTd3v - # yWgGqNY0zbBqeZoGv+TuExlRHT8ASGFS9SVDABEBAAG0NUdpdEh1YiAod2ViLWZs - # b3cgY29tbWl0IHNpZ25pbmcpIDxub3JlcGx5QGdpdGh1Yi5jb20+iQEiBBMBCAAW - # BQJZlGhBCRBK7hj4Ov3rIwIbAwIZAQAAmQEH/iATWFmi2oxlBh3wAsySNCNV4IPf - # DDMeh6j80WT7cgoX7V7xqJOxrfrqPEthQ3hgHIm7b5MPQlUr2q+UPL22t/I+ESF6 - # 9b0QWLFSMJbMSk+BXkvSjH9q8jAO0986/pShPV5DU2sMxnx4LfLfHNhTzjXKokws - # +8ptJ8uhMNIDXfXuzkZHIxoXk3rNcjDN5c5X+sK8UBRH092BIJWCOfaQt7v7wig5 - # 4Ra28pM9GbHKXVNxmdLpCFyzvyMuCmINYYADsC848QQFFwnd4EQnupo6QvhEVx1O - # j7wDwvuH5dCrLuLwtwXaQh0onG4583p0LGms2Mf5F+Ick6o/4peOlBoZz48= - # =Bvzs - # -----END PGP PUBLIC KEY BLOCK----- - # -- Known Hosts configmap annotations knownHostsAnnotations: {} knownHosts: @@ -373,6 +388,8 @@ configs: # -- Annotations to be added to `configs.repositories` Secret repositoriesAnnotations: {} + # Argo CD sensitive data + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/#sensitive-data-and-sso-client-secrets secret: # -- Create the argocd-secret createSecret: true @@ -399,16 +416,10 @@ configs: # LDAP_PASSWORD: "mypassword" # -- Argo TLS Data - argocdServerTlsConfig: - {} - # key: - # crt: | - # -----BEGIN CERTIFICATE----- - # - # -----END CERTIFICATE----- - # -----BEGIN CERTIFICATE----- - # - # -----END CERTIFICATE----- + # DEPRECATED - Use server.certificate or server.certificateSecret + # argocdServerTlsConfig: + # key: '' + # crt: '' # -- Bcrypt hashed admin password ## Argo expects the password in the secret to be bcrypt hashed. You can create this hash with @@ -535,6 +546,9 @@ controller: # - secretRef: # name: secret-name + # -- Annotations for the application controller StatefulSet + statefulsetAnnotations: {} + # -- Annotations to be added to application controller pods podAnnotations: {} @@ -542,20 +556,22 @@ controller: podLabels: {} # -- Application controller container-level security context + # @default -- See [values.yaml] containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true - # runAsNonRoot: true + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Application controller listening port containerPort: 8082 - ## Readiness and liveness probes for default backend + # Rediness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -567,17 +583,6 @@ controller: successThreshold: 1 # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 - livenessProbe: - # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded - failureThreshold: 3 - # -- Number of seconds after the container has started before [probe] is initiated - initialDelaySeconds: 10 - # -- How often (in seconds) to perform the [probe] - periodSeconds: 10 - # -- Minimum consecutive successes for the [probe] to be considered successful after having failed - successThreshold: 1 - # -- Number of seconds after which the [probe] times out - timeoutSeconds: 1 # -- Additional volumeMounts to the application controller main container volumeMounts: [] @@ -801,7 +806,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.3-distroless + tag: v2.35.3 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -810,6 +815,7 @@ dex: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] + # Argo CD init image that creates Dex config initImage: # -- Argo CD init image repository # @default -- `""` (defaults to global.image.repository) @@ -832,12 +838,44 @@ dex: # - secretRef: # name: secret-name + # TLS certificate configuration via Secret + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-dex-server + ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart Dex automatically without extra controllers. + certificateSecret: + # -- Create argocd-dex-server-tls secret + enabled: false + # -- Labels to be added to argocd-dex-server-tls secret + labels: {} + # -- Annotations to be added to argocd-dex-server-tls secret + annotations: {} + # -- Certificate authority. Required for self-signed certificates. + ca: '' + # -- Certificate private key + key: '' + # -- Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) + crt: '' + + # -- Annotations to be added to the Dex server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to the Dex server pods podAnnotations: {} # -- Labels to be added to the Dex server pods podLabels: {} + # -- Dex container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + ## Probes for Dex server ## Supported from Dex >= 2.28.0 livenessProbe: @@ -918,14 +956,6 @@ dex: # -- Priority class for dex priorityClassName: "" - # -- Dex container-level security context - containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true - # -- Resource limits and requests for dex resources: {} # limits: @@ -982,7 +1012,7 @@ redis: # -- Redis repository repository: quay.io/codefresh/redis # -- Redis tag - tag: 7.0.4-alpine + tag: 7.0.5-alpine # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent @@ -1011,12 +1041,31 @@ redis: # - secretRef: # name: secret-name + # -- Annotations to be added to the Redis server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to the Redis server pods podAnnotations: {} # -- Labels to be added to the Redis server pods podLabels: {} + # -- Redis pod-level security context + # @default -- See [values.yaml] + securityContext: + runAsNonRoot: true + runAsUser: 999 + seccompProfile: + type: RuntimeDefault + + # -- Redis container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -1035,19 +1084,6 @@ redis: # -- Priority class for redis priorityClassName: "" - # -- Redis container-level security context - containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true - - # -- Redis pod-level security context - securityContext: - runAsNonRoot: true - runAsUser: 999 - serviceAccount: # -- Create a service account for the redis pod create: false @@ -1109,6 +1145,19 @@ redis: imagePullPolicy: IfNotPresent # -- Port to use for redis-exporter sidecar containerPort: 9121 + + # -- Redis exporter security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + # -- Resource limits and requests for redis-exporter sidecar resources: {} # limits: @@ -1309,6 +1358,9 @@ server: # @default -- `""` (defaults to global.logging.level) # logLevel: "" + # -- Annotations to be added to server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to server pods podAnnotations: {} @@ -1320,7 +1372,6 @@ server: ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1368,13 +1419,17 @@ server: # -- Priority class for the Argo CD server priorityClassName: "" - # -- Servers container-level security context + # -- Server container-level security context + # @default -- See [values.yaml] containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Resource limits and requests for the Argo CD server resources: {} @@ -1385,16 +1440,34 @@ server: # cpu: 50m # memory: 64Mi - ## Certificate configuration + # TLS certificate configuration via cert-manager + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: # -- Deploy a Certificate resource (requires cert-manager) enabled: false + # -- The name of the Secret that will be automatically created and managed by this Certificate resource + secretName: argocd-server-tls # -- Certificate primary domain (commonName) domain: argocd.example.com - # -- The requested 'duration' (i.e. lifetime) of the Certificate. Value must be in units accepted by Go time.ParseDuration + # -- Certificate Subject Alternate Names (SANs) + additionalHosts: [] + # -- The requested 'duration' (i.e. lifetime) of the certificate. + # @default -- `""` (defaults to 2160h = 90d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal duration: "" - # -- How long before the currently issued certificate's expiry cert-manager should renew the certificate. Value must be in units accepted by Go time.ParseDuration + # -- How long before the expiry a certificate should be renewed. + # @default -- `""` (defaults to 360h = 15d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal renewBefore: "" + # Certificate issuer + ## Ref: https://cert-manager.io/docs/concepts/issuer + issuer: + # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` + group: "" + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate isser name. Eg. `letsencrypt` + name: "" # Private key of the certificate privateKey: # -- Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` @@ -1405,17 +1478,20 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 - issuer: - # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` - group: "" - # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` - kind: "" - # -- Certificate isser name. Eg. `letsencrypt` - name: "" - # -- Certificate manager additional hosts - additionalHosts: [] - # -- The name of the Secret that will be automatically created and managed by this Certificate resource - secretName: argocd-server-tls + + # TLS certificate configuration via Secret + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server + certificateSecret: + # -- Create argocd-server-tls secret + enabled: false + # -- Annotations to be added to argocd-server-tls secret + annotations: {} + # -- Labels to be added to argocd-server-tls secret + labels: {} + # -- Private Key of the certificate + key: '' + # -- Certificate data + crt: '' ## Server service configuration service: @@ -1543,7 +1619,7 @@ server: # -- Ingress TLS configuration tls: [] - # - secretName: argocd-tls-certificate + # - secretName: your-certificate-name # hosts: # - argocd.example.com @@ -1609,7 +1685,7 @@ server: # -- Ingress TLS configuration for dedicated [gRPC-ingress] tls: [] - # - secretName: argocd-tls-certificate + # - secretName: your-certificate-name # hosts: # - argocd.example.com @@ -1729,6 +1805,18 @@ server: # -- Image pull policy for extensions imagePullPolicy: IfNotPresent + # -- Server UI extensions container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + # -- Resource limits and requests for the argocd-extensions container resources: {} # limits: @@ -1828,6 +1916,9 @@ repoServer: # @default -- `""` (defaults to global.logging.format) # logLevel: "" + # -- Annotations to be added to repo server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to repo server pods podAnnotations: {} @@ -1839,7 +1930,6 @@ repoServer: ## Readiness and liveness probes for default backend ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ - ## readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 @@ -1893,12 +1983,16 @@ repoServer: priorityClassName: "" # -- Repo server container-level security context + # @default -- See [values.yaml] containerSecurityContext: - {} - # capabilities: - # drop: - # - all - # readOnlyRootFilesystem: true + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Resource limits and requests for the repo server pods resources: {} @@ -1909,6 +2003,23 @@ repoServer: # cpu: 10m # memory: 64Mi + # TLS certificate configuration via Secret + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server + ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. + certificateSecret: + # -- Create argocd-repo-server-tls secret + enabled: false + # -- Annotations to be added to argocd-repo-server-tls secret + annotations: {} + # -- Labels to be added to argocd-repo-server-tls secret + labels: {} + # -- Certificate authority. Required for self-signed certificates. + ca: '' + # -- Certificate private key + key: '' + # -- Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) + crt: '' + ## Repo server service configuration service: # -- Repo server service annotations @@ -2402,14 +2513,26 @@ notifications: # service.slack: | # token: $slack-token + # -- Annotations to be applied to the notifications controller Deployment + deploymentAnnotations: {} + # -- Annotations to be applied to the controller Pods podAnnotations: {} # -- Labels to be applied to the controller Pods podLabels: {} - # -- Container Security Context - containerSecurityContext: {} + # -- Notification controller container-level security Context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Priority class for the controller pods priorityClassName: "" @@ -2723,10 +2846,6 @@ notifications: ## You have to set secret.notifiers.slack.signingSecret enabled: false - # -- The deployment strategy to use to replace existing pods with new ones - updateStrategy: - type: Recreate - ## Slack bot Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ pdb: @@ -2778,12 +2897,17 @@ notifications: # -- Annotations applied to created service account annotations: {} - # -- Pod Security Context - securityContext: + # -- Slack bot container-level security Context + # @default -- See [values.yaml] + containerSecurityContext: runAsNonRoot: true - - # -- Container Security Context - containerSecurityContext: {} + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL # -- Resource limits and requests for the Slack bot resources: {} diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0c3dbf479..088afe25f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.2 +appVersion: v3.4.4 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.20.4 +version: 0.20.12 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,4 +13,4 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - "[Changed]: Enable to set different imagePullPolicy for mainContainer and executor" + - "[Changed]: Update Argo Workflows to v3.4.4" diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 3d9c4d10e..711a1f52e 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -62,6 +62,7 @@ Fields to note: | workflow.rbac.create | bool | `true` | Adds Role and RoleBinding for the above specified service account to be able to run workflows. A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) | | workflow.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | +| workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | | workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | ### Workflow Controller @@ -107,12 +108,15 @@ Fields to note: | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | +| controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | +| controller.retentionPolicy | object | `{}` | Workflow retention by number of workflows | | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.create | bool | `true` | Create a service account for the controller | +| controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `""` | Service account name | | controller.serviceAnnotations | object | `{}` | Annotations to be applied to the controller Service | | controller.serviceLabels | object | `{}` | Optional labels to add to the controller Service | @@ -199,6 +203,7 @@ Fields to note: | server.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true}` | Servers container-level security context | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | server.serviceAccount.create | bool | `true` | Create a service account for the server | +| server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `""` | Service account name | | server.serviceAnnotations | object | `{}` | Annotations to be applied to the UI Service | | server.serviceLabels | object | `{}` | Optional labels to add to the UI Service | @@ -220,6 +225,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | +| customArtifactRepository | object | `{}` | The section of custom artifact repository. Will be added to the config in case useDefaultArtifactRepo is set to false | | useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 1a9e3e56a..28ee4fdce 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -42,7 +42,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) (hasPrefix "mainContainer" .Key) ) }} + {{- if not (or (hasPrefix "workflow" .Key) (hasPrefix "controller" .Key) (hasPrefix "executor" .Key) (hasPrefix "server" .Key) (hasPrefix "artifactRepository" .Key) (hasPrefix "customArtifact" .Key) (hasPrefix "use" .Key) (hasPrefix "mainContainer" .Key) ) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} @@ -102,7 +102,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| {{- range .Values }} - {{- if or (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) }} + {{- if or (hasPrefix "artifactRepository" .Key) (hasPrefix "use" .Key) (hasPrefix "customArtifact" .Key) }} | {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 4b0f389a3..34f91c0da 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -164,6 +164,17 @@ rules: resourceNames: {{/* for HTTP templates */}} - argo-workflows-agent-ca-certificates +{{- with .Values.controller.rbac.secretWhitelist }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + resourceNames: {{- toYaml . | nindent 4 }} +{{- end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 0e79514cc..0f29b5768 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -92,6 +92,10 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} + {{- else }} + {{- if .Values.customArtifactRepository }} + artifactRepository: {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- end }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: @@ -163,3 +167,6 @@ data: {{- with .Values.controller.navColor }} navColor: {{ . }} {{- end }} + {{- with .Values.controller.retentionPolicy }} + retentionPolicy: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index 3acc93ab3..362459005 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -5,6 +5,9 @@ metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} + {{- with .Values.controller.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{ with .Values.controller.serviceAccount.annotations }} annotations: {{- toYaml .| nindent 4 }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 43e6cbf62..8928b32e8 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -7,6 +7,9 @@ metadata: name: {{ $.Values.workflow.serviceAccount.name }} labels: {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $.Values.controller.name) | nindent 4 }} + {{- with $.Values.workflow.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with $namespace }} namespace: {{ . }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 669446478..c3c4e6887 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -30,7 +30,7 @@ rules: - list - watch - delete - {{- if .Values.server.sso }} +{{- if .Values.server.sso }} - apiGroups: - "" resources: @@ -46,7 +46,7 @@ rules: - secrets verbs: - create - {{- if .Values.server.sso.rbac }} + {{- if .Values.server.sso.rbac }} - apiGroups: - "" resources: @@ -55,8 +55,8 @@ rules: - get - list - watch - {{- end }} {{- end }} +{{- end }} - apiGroups: - "" resources: diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 5525d7af9..2f6644edb 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -5,6 +5,9 @@ metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} + {{- with .Values.server.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.server.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1e2faa301..18d28ad46 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -41,6 +41,8 @@ workflow: serviceAccount: # -- Specifies whether a service account should be created create: false + # -- Labels applied to created service account + labels: {} # -- Annotations applied to created service account annotations: {} # -- Service account which is used to run workflows @@ -70,6 +72,8 @@ controller: rbac: # -- Adds Role and RoleBinding for the controller. create: true + # -- Allows controller to get, list, and watch certain k8s secrets + secretWhitelist: [] # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: @@ -179,6 +183,8 @@ controller: create: true # -- Service account name name: "" + # -- Labels applied to created service account + labels: {} # -- Annotations applied to created service account annotations: {} @@ -285,6 +291,12 @@ controller: # -- Extra containers to be added to the controller deployment extraContainers: [] + # -- Workflow retention by number of workflows + retentionPolicy: {} + # completed: 10 + # failed: 3 + # errored: 3 + # mainContainer adds default config for main container that could be overriden in workflows template mainContainer: # -- imagePullPolicy to apply to Workflow main container. Defaults to `.Values.images.pullPolicy`. @@ -364,6 +376,8 @@ server: create: true # -- Service account name name: "" + # -- Labels applied to created service account + labels: {} # -- Annotations applied to created service account annotations: {} @@ -602,3 +616,17 @@ artifactRepository: # accountKeySecret: # name: my-azure-storage-credentials # key: account-access-key + +# -- The section of custom artifact repository. +# Will be added to the config in case useDefaultArtifactRepo is set to false +customArtifactRepository: {} +# customArtifactRepository: +# archiveLogs: true +# artifactory: +# repoUrl: https://artifactory.example.com/raw +# usernameSecret: +# name: artifactory-creds +# key: username +# passwordSecret: +# name: artifactory-creds +# key: password diff --git a/scripts/lint.sh b/scripts/lint.sh index 4fcf08709..b44a6cee4 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.7.0 \ + quay.io/helmpack/chart-testing:v3.7.1 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 5687377d8ff4bcd8095207a1480dbbff13d7e117 Mon Sep 17 00:00:00 2001 From: Marcel Hoyer Date: Thu, 2 Feb 2023 22:56:18 +0100 Subject: [PATCH 064/356] chore(argo-cd): Update Argo CD to v2.5.10 (#1822) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 118ed99e5..37c612bc4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.9 +appVersion: v2.5.10 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.13 +version: 5.19.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed maxUnavailable value in redis-PDB + - kind: changed + description: Update Argo CD to v2.5.10 From 05c79e322a6d1f54a70840dd9649d9b9cb5ef8a2 Mon Sep 17 00:00:00 2001 From: Tone Date: Mon, 6 Feb 2023 05:40:13 +0100 Subject: [PATCH 065/356] feat(argo-cd): Configurable `dnsPolicy` / `hostNetwork` (#1821) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 6 ++++++ .../statefulset.yaml | 2 ++ .../argocd-repo-server/deployment.yaml | 2 ++ .../templates/argocd-server/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 18 ++++++++++++++++++ 6 files changed, 33 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37c612bc4..ce2b91c1e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.5.10 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.14 +version: 5.19.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Argo CD to v2.5.10 + - kind: added + description: Configurable dnsPolicy / hostNetwork diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a7c8c287c..02482d753 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -464,10 +464,12 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to application controller | | controller.extraContainers | list | `[]` | Additional containers to be added to the application controller pod | +| controller.hostNetwork | bool | `false` | Host Network for application controller pods | | controller.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application controller | | controller.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application controller | | controller.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application controller | @@ -543,10 +545,12 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | | repoServer.extraContainers | list | `[]` | Additional containers to be added to the repo server pod | +| repoServer.hostNetwork | bool | `false` | Host Network for Repo server pods | | repoServer.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the repo server | | repoServer.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the repo server | | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | @@ -643,6 +647,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | @@ -653,6 +658,7 @@ NAME: my-release | server.extensions.resources | object | `{}` | Resource limits and requests for the argocd-extensions container | | server.extraArgs | list | `[]` | Additional command line arguments to pass to Argo CD server | | server.extraContainers | list | `[]` | Additional containers to be added to the server pod | +| server.hostNetwork | bool | `false` | Host Network for Server pods | | server.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Argo CD server | | server.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Argo CD server | | server.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Argo CD server | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index d853a8560..634431dd3 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -312,3 +312,5 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.controller.hostNetwork }} + dnsPolicy: {{ .Values.controller.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index c786d7143..a39c007c3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -356,3 +356,5 @@ spec: {{- with .Values.repoServer.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.repoServer.hostNetwork }} + dnsPolicy: {{ .Values.repoServer.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 2f510bc37..aa06bf254 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -415,3 +415,5 @@ spec: {{- with .Values.server.priorityClassName }} priorityClassName: {{ . }} {{- end }} + hostNetwork: {{ .Values.server.hostNetwork }} + dnsPolicy: {{ .Values.server.dnsPolicy }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 5cff81684..c3f6fdab3 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -580,6 +580,12 @@ controller: # -- Metrics container port metrics: 8082 + # -- Host Network for application controller pods + hostNetwork: false + + # -- Alternative DNS policy for application controller pods + dnsPolicy: "ClusterFirst" + # -- Application controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1448,6 +1454,12 @@ server: # -- Metrics container port metrics: 8082 + # -- Host Network for Server pods + hostNetwork: false + + # -- Alternative DNS policy for Server pods + dnsPolicy: "ClusterFirst" + # -- Server container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1931,6 +1943,12 @@ repoServer: # -- Metrics container port metrics: 8084 + # -- Host Network for Repo server pods + hostNetwork: false + + # -- Alternative DNS policy for Repo server pods + dnsPolicy: "ClusterFirst" + # -- Repo server container-level security context # @default -- See [values.yaml] containerSecurityContext: From 0d3150ce670346e07533965e0beec8e62fabffce Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 7 Feb 2023 16:02:23 +0100 Subject: [PATCH 066/356] feat(argo-cd): Upgrade Argo CD to 2.6.0 (#1758) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 10 +- charts/argo-cd/README.md | 7 +- charts/argo-cd/templates/NOTES.txt | 12 + charts/argo-cd/templates/_helpers.tpl | 5 +- .../argocd-applicationset/deployment.yaml | 78 +- .../templates/argocd-server/deployment.yaml | 6 + .../templates/crds/crd-application.yaml | 2614 ++++++++-- .../templates/crds/crd-applicationset.yaml | 4354 ++++++++++++++++- charts/argo-cd/values.yaml | 22 +- 9 files changed, 6530 insertions(+), 578 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ce2b91c1e..c5f6c5fbf 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.5.10 +appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.19.15 +version: 5.20.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,7 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Configurable dnsPolicy / hostNetwork + - kind: changed + description: Upgrade Argo CD to 2.6.0 + - kind: deprecated + description: ApplicationSet args, logFormat and logLevel superseded by configs.params diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 02482d753..652620e55 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -415,6 +415,8 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | +| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | | configs.params."controller.repo.server.timeout.seconds" | int | `60` | Repo server RPC call timeout seconds. | | configs.params."controller.self.heal.timeout.seconds" | int | `5` | Specifies timeout between application self heal attempts | @@ -971,8 +973,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | +| applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | @@ -996,8 +997,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | -| applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 210cf3bbe..002d38442 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -76,6 +76,18 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.logFormat }} +DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format +{{- end }} +{{- if .Values.applicationSet.logLevel }} +DEPRECATED option applicationSet.logLevel - Use configs.params.applicationsetcontroller.log.level +{{- end }} +{{- if .Values.applicationSet.args.policy }} +DEPRECATED option applicationSet.args.policy - Use configs.params.applicationsetcontroller.policy +{{- end }} +{{- if .Values.applicationSet.args.dryRun }} +DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun +{{- end }} {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bdfa010b7..bd99fc9dd 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -202,10 +202,13 @@ redis.server: {{ . | quote }} server.dex.server: {{ include "argo-cd.dex.server" . | quote }} server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} {{- end }} -{{- range $component := tuple "controller" "server" "reposerver" }} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} {{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} {{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} {{- end }} +{{- if .Values.applicationSet.enabled }} +applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} +{{- end }} {{- end -}} {{/* diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6fd9170c4..82324f4d1 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -54,14 +54,20 @@ spec: - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} - - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} - - --policy={{ .Values.applicationSet.args.policy }} - - --dry-run={{ .Values.applicationSet.args.dryRun }} + {{- with .Values.applicationSet.args.policy }} + - --policy={{ . }} + {{- end }} + {{- with .Values.applicationSet.args.dryRun }} + - --dry-run={{ . }} + {{- end }} + {{- with .Values.applicationSet.logFormat }} - --logformat - - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} + - {{ . }} + {{- end }} + {{- with .Values.applicationSet.logLevel }} - --loglevel - - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} + - {{ . }} + {{- end }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -73,6 +79,66 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespace + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.rollouts + name: argocd-cmd-params-cm + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index aa06bf254..b0ed47d4a 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -262,6 +262,12 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.enable.proxy.extension + optional: true {{- with .Values.server.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 23f9b6b31..ae0f7295f 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -151,6 +151,14 @@ spec: which to sync the application to If omitted, will use the revision specified in app spec. type: string + revisions: + description: Revisions is the list of revision (Git) or chart + version (Helm) which to sync each source in sources field for + the application to If omitted, will use the revision specified + in app spec. + items: + type: string + type: array source: description: Source overrides the source definition set in the application. This is typically set in a Rollback operation and @@ -366,7 +374,35 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -380,232 +416,497 @@ spec: required: - repoURL type: object - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false + sources: + description: Sources overrides the source definition set in the + application. This is typically set in a Rollback operation and + is nil during a Sync operation items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform - the sync. - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to - perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. - properties: - destination: - description: Destination is a reference to the target Kubernetes server - and namespace - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster and - must be set to the Kubernetes control plane API - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a list of resources and their fields - which should be ignored during comparison - items: - description: ResourceIgnoreDifferences contains resource filter - and list of json paths which should be ignored during comparison - with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted managers. - Fields mutated by those managers will take precedence over - the desired state defined in the SCM and won't be displayed - in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - description: Info contains a list of information (URLs, email addresses, - and plain text) that relates to the application - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - description: Project is a reference to the project this application - belongs to. The empty string means that application belongs to the - 'default' project. - type: string - revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items kept - in the application's revision history, which is used for informational - purposes as well as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. Setting to zero will - store no history. This will reduce storage used. Increasing will - increase the space used to store the history, so we do not recommend - increasing it. Default is 10. - format: int64 - type: integer - source: - description: Source is a reference to the location of the application's - manifests or chart - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being used - during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options properties: - name: - description: Name is the name of the Helm parameter + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded from + being used during manifest generation type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included during + manifest generation type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array + syncOptions: + description: SyncOptions provide per-sync sync-options, e.g. Validate=false + items: + type: string + type: array + syncStrategy: + description: SyncStrategy describes how to perform the sync + properties: + apply: + description: Apply will perform a `kubectl apply` to perform + the sync. + properties: + force: + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. + type: boolean + type: object + hook: + description: Hook will submit any referenced resources to + perform the sync. This is the default strategy + properties: + force: + description: Force indicates whether or not to supply + the --force flag to `kubectl apply`. The --force flag + deletes and re-create the resource, when PATCH encounters + conflict and has retried for 5 times. + type: boolean + type: object + type: object + type: object + type: object + spec: + description: ApplicationSpec represents desired application state. Contains + link to repository with application definition and additional parameters + link definition revision. + properties: + destination: + description: Destination is a reference to the target Kubernetes server + and namespace + properties: + name: + description: Name is an alternate way of specifying the target + cluster by its symbolic name + type: string + namespace: + description: Namespace specifies the target namespace for the + application's resources. The namespace will only be set for + namespace-scoped resources that have not set a value for .metadata.namespace + type: string + server: + description: Server specifies the URL of the target cluster and + must be set to the Kubernetes control plane API + type: string + type: object + ignoreDifferences: + description: IgnoreDifferences is a list of resources and their fields + which should be ignored during comparison + items: + description: ResourceIgnoreDifferences contains resource filter + and list of json paths which should be ignored during comparison + with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted managers. + Fields mutated by those managers will take precedence over + the desired state defined in the SCM and won't be displayed + in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + description: Info contains a list of information (URLs, email addresses, + and plain text) that relates to the application + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + description: Project is a reference to the project this application + belongs to. The empty string means that application belongs to the + 'default' project. + type: string + revisionHistoryLimit: + description: RevisionHistoryLimit limits the number of items kept + in the application's revision history, which is used for informational + purposes as well as for rollbacks to previous versions. This should + only be changed in exceptional circumstances. Setting to zero will + store no history. This will reduce storage used. Increasing will + increase the space used to store the history, so we do not recommend + increasing it. Default is 10. + format: int64 + type: integer + source: + description: Source is a reference to the location of the application's + manifests or chart + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being used + during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: description: Name is the name of the Helm parameter type: string value: @@ -711,7 +1012,32 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -725,6 +1051,264 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the location of the application's + manifests or chart + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match paths + against that should be explicitly excluded from being + used during manifest generation + type: string + include: + description: Include contains a glob pattern to match paths + against that should be explicitly included during manifest + generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External Variables + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level Arguments + items: + description: JsonnetVar represents a variable to be + passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the helm + template + items: + description: HelmFileParameter is a file parameter that's + passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally by not + appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters which + are passed to the helm template command upon manifest + generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to tell + Helm to interpret booleans and numbers as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all domains + (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to use. + If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition installation + step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files to + use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed to + helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for templating + ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional annotations + to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether to + force applying common annotations to resources for Kustomize + apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to force + applying common labels to resources for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize image + definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable entries + items: + description: EnvEntry represents an entry in the application's + environment + properties: + name: + description: Name is the name of the variable, usually + expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. + type: string + string: + description: String_ is the value of a string type + parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or Helm) + that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the source + to sync the application to. In case of Git, this can be commit, + tag, or branch. If omitted, will equal to HEAD. In case of + Helm, this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array syncPolicy: description: SyncPolicy controls when and how a sync will be performed properties: @@ -747,6 +1331,19 @@ spec: (default: false)' type: boolean type: object + managedNamespaceMetadata: + description: ManagedNamespaceMetadata controls metadata in the + given namespace (if CreateNamespace=true) + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: description: Retry controls failed sync retry behavior properties: @@ -784,7 +1381,6 @@ spec: required: - destination - project - - source type: object status: description: ApplicationStatus contains status information for the application @@ -850,6 +1446,12 @@ spec: description: Revision holds the revision the sync was performed against type: string + revisions: + description: Revisions holds the revision of each source in + sources field the sync was performed against + items: + type: string + type: array source: description: Source is a reference to the application source used for the sync operation @@ -916,176 +1518,472 @@ spec: type: object type: array type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to the + helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm template + from failing when valueFiles do not exist locally + by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's passed + to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether to + tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name to + use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional labels + to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string type: object - helm: - description: Helm holds helm specific options + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options properties: - fileParameters: - description: FileParameters are file parameters to the - helm template + env: + description: Env is a list of environment variable entries items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation + description: EnvEntry represents an entry in the application's + environment properties: name: - description: Name is the name of the Helm parameter + description: Name is the name of the variable, + usually expressed in uppercase type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array type + parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type parameter. + type: object + name: + description: Name is the name identifying a parameter. type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within sources + field. This field will not be used if used with a `source` + tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git or + Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + sources: + description: Sources is a reference to the application sources + used for the sync operation + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be specified + for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific options + properties: + exclude: + description: Exclude contains a glob pattern to match + paths against that should be explicitly excluded + from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to match + paths against that should be explicitly included + during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a directory + recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters to + the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm parameter + type: string + path: + description: Path is the path to the file containing + the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command upon + manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to all + domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value files + to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be passed + to helm template, typically defined as a block + type: string + version: + description: Version is the Helm version to use for + templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether to + force applying common labels to resources for Kustomize + apps + type: boolean + images: + description: Images is a list of Kustomize image override + specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to resources + for Kustomize apps type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block - type: string - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: + nameSuffix: + description: NameSuffix is a suffix appended to resources + for Kustomize apps type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonLabels: - additionalProperties: + version: + description: Version controls which version of Kustomize + to use for rendering manifests type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: + type: object + path: + description: Path is a directory path within the Git repository, + and is only valid for applications sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of the + source to sync the application to. In case of Git, this + can be commit, tag, or branch. If omitted, will equal + to HEAD. In case of Helm, this is a semver tag for the + Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - deployedAt - id - - revision type: object type: array observedAt: @@ -1208,6 +2106,14 @@ spec: (Helm) which to sync the application to If omitted, will use the revision specified in app spec. type: string + revisions: + description: Revisions is the list of revision (Git) or + chart version (Helm) which to sync each source in sources + field for the application to If omitted, will use the + revision specified in app spec. + items: + type: string + type: array source: description: Source overrides the source definition set in the application. This is typically set in a Rollback @@ -1438,9 +2344,39 @@ spec: - value type: object type: array - name: - type: string + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1455,6 +2391,291 @@ spec: required: - repoURL type: object + sources: + description: Sources overrides the source definition set + in the application. This is typically set in a Rollback + operation and is nil during a Sync operation + items: + description: ApplicationSource contains all required + information about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must + be specified for applications sourced from a Helm + repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern + to match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern + to match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific + to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet + External Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan + a directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents + helm template from failing when valueFiles + do not exist locally by not appending them + to helm template --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter + that's passed to helm template during manifest + generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and + numbers as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the + Helm parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials + to all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release + name to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource + definition installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to + be passed to helm template, typically defined + as a block + type: string + version: + description: Version is the Helm version to + use for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific + options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of + additional annotations to add to rendered + manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies + whether to force applying common annotations + to resources for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources + for Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended + to resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended + to resources for Kustomize apps + type: string + version: + description: Version controls which version + of Kustomize to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the + Git repository, and is only valid for applications + sourced from Git. + type: string + plugin: + description: Plugin holds config management plugin + specific options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry + in the application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the + variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an + array type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map + type parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a + string type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source + within sources field. This field will not be used + if used with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository + (Git or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision + of the source to sync the application to. In case + of Git, this can be commit, tag, or branch. If + omitted, will equal to HEAD. In case of Helm, + this is a semver tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array syncOptions: description: SyncOptions provide per-sync sync-options, e.g. Validate=false @@ -1564,6 +2785,12 @@ spec: description: Revision holds the revision this sync operation was performed to type: string + revisions: + description: Revisions holds the revision this sync operation + was performed for respective indexed source in sources field + items: + type: string + type: array source: description: Source records the application source information of the sync, used for comparing auto-sync @@ -1784,7 +3011,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -1799,6 +3056,284 @@ spec: required: - repoURL type: object + sources: + description: Source records the application source information + of the sync, used for comparing auto-sync + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block + type: string + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - revision type: object @@ -1862,6 +3397,14 @@ spec: sourceType: description: SourceType specifies the type of this application type: string + sourceTypes: + description: SourceTypes specifies the type of the sources included + in the application + items: + description: ApplicationSourceType specifies the type of the application's + source + type: string + type: array summary: description: Summary contains a list of URLs and container images used by this application @@ -2125,7 +3668,37 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying a + parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used with + a `source` tag. + type: string repoURL: description: RepoURL is the URL to the repository (Git or Helm) that contains the application manifests @@ -2140,14 +3713,297 @@ spec: required: - repoURL type: object + sources: + description: Sources is a reference to the application's multiple + sources used for comparison + items: + description: ApplicationSource contains all required information + about the source of an application + properties: + chart: + description: Chart is a Helm chart name, and must be + specified for applications sourced from a Helm repo. + type: string + directory: + description: Directory holds path/directory specific + options + properties: + exclude: + description: Exclude contains a glob pattern to + match paths against that should be explicitly + excluded from being used during manifest generation + type: string + include: + description: Include contains a glob pattern to + match paths against that should be explicitly + included during manifest generation + type: string + jsonnet: + description: Jsonnet holds options specific to Jsonnet + properties: + extVars: + description: ExtVars is a list of Jsonnet External + Variables + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + description: Additional library search dirs + items: + type: string + type: array + tlas: + description: TLAS is a list of Jsonnet Top-level + Arguments + items: + description: JsonnetVar represents a variable + to be passed to jsonnet during manifest + generation + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + description: Recurse specifies whether to scan a + directory recursively for manifests + type: boolean + type: object + helm: + description: Helm holds helm specific options + properties: + fileParameters: + description: FileParameters are file parameters + to the helm template + items: + description: HelmFileParameter is a file parameter + that's passed to helm template during manifest + generation + properties: + name: + description: Name is the name of the Helm + parameter + type: string + path: + description: Path is the path to the file + containing the values for the Helm parameter + type: string + type: object + type: array + ignoreMissingValueFiles: + description: IgnoreMissingValueFiles prevents helm + template from failing when valueFiles do not exist + locally by not appending them to helm template + --values + type: boolean + parameters: + description: Parameters is a list of Helm parameters + which are passed to the helm template command + upon manifest generation + items: + description: HelmParameter is a parameter that's + passed to helm template during manifest generation + properties: + forceString: + description: ForceString determines whether + to tell Helm to interpret booleans and numbers + as strings + type: boolean + name: + description: Name is the name of the Helm + parameter + type: string + value: + description: Value is the value for the Helm + parameter + type: string + type: object + type: array + passCredentials: + description: PassCredentials pass credentials to + all domains (Helm's --pass-credentials) + type: boolean + releaseName: + description: ReleaseName is the Helm release name + to use. If omitted it will use the application + name + type: string + skipCrds: + description: SkipCrds skips custom resource definition + installation step (Helm's --skip-crds) + type: boolean + valueFiles: + description: ValuesFiles is a list of Helm value + files to use when generating a template + items: + type: string + type: array + values: + description: Values specifies Helm values to be + passed to helm template, typically defined as + a block + type: string + version: + description: Version is the Helm version to use + for templating ("3") + type: string + type: object + kustomize: + description: Kustomize holds kustomize specific options + properties: + commonAnnotations: + additionalProperties: + type: string + description: CommonAnnotations is a list of additional + annotations to add to rendered manifests + type: object + commonLabels: + additionalProperties: + type: string + description: CommonLabels is a list of additional + labels to add to rendered manifests + type: object + forceCommonAnnotations: + description: ForceCommonAnnotations specifies whether + to force applying common annotations to resources + for Kustomize apps + type: boolean + forceCommonLabels: + description: ForceCommonLabels specifies whether + to force applying common labels to resources for + Kustomize apps + type: boolean + images: + description: Images is a list of Kustomize image + override specifications + items: + description: KustomizeImage represents a Kustomize + image definition in the format [old_image_name=]: + type: string + type: array + namePrefix: + description: NamePrefix is a prefix appended to + resources for Kustomize apps + type: string + nameSuffix: + description: NameSuffix is a suffix appended to + resources for Kustomize apps + type: string + version: + description: Version controls which version of Kustomize + to use for rendering manifests + type: string + type: object + path: + description: Path is a directory path within the Git + repository, and is only valid for applications sourced + from Git. + type: string + plugin: + description: Plugin holds config management plugin specific + options + properties: + env: + description: Env is a list of environment variable + entries + items: + description: EnvEntry represents an entry in the + application's environment + properties: + name: + description: Name is the name of the variable, + usually expressed in uppercase + type: string + value: + description: Value is the value of the variable + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + description: Array is the value of an array + type parameter. + items: + type: string + type: array + map: + additionalProperties: + type: string + description: Map is the value of a map type + parameter. + type: object + name: + description: Name is the name identifying + a parameter. + type: string + string: + description: String_ is the value of a string + type parameter. + type: string + type: object + type: array + type: object + ref: + description: Ref is reference to another source within + sources field. This field will not be used if used + with a `source` tag. + type: string + repoURL: + description: RepoURL is the URL to the repository (Git + or Helm) that contains the application manifests + type: string + targetRevision: + description: TargetRevision defines the revision of + the source to sync the application to. In case of + Git, this can be commit, tag, or branch. If omitted, + will equal to HEAD. In case of Helm, this is a semver + tag for the Chart's version. + type: string + required: + - repoURL + type: object + type: array required: - destination - - source type: object revision: description: Revision contains information about the revision the comparison has been performed to type: string + revisions: + description: Revisions contains information about the revisions + of multiple sources the comparison has been performed to + items: + type: string + type: array status: description: Status is the sync state of the comparison type: string diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 48dd57c57..7a15b67de 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -278,7 +278,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -286,6 +305,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -297,6 +475,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -321,7 +510,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -565,7 +753,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -573,6 +780,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -584,6 +950,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -608,7 +985,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -641,6 +1017,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -854,7 +1232,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -862,23 +1259,193 @@ spec: required: - repoURL type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string factor: format: int64 type: integer @@ -897,13 +1464,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -1119,7 +1686,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1127,6 +1713,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1138,6 +1883,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1162,7 +1918,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1414,7 +2169,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1422,25 +2196,195 @@ spec: required: - repoURL type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 type: integer maxDuration: type: string @@ -1457,7 +2401,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1701,7 +2644,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1709,6 +2671,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -1720,6 +2841,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -1744,7 +2876,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -1777,6 +2908,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -1990,7 +3123,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -1998,6 +3150,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2009,6 +3320,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2033,13 +3355,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -2255,7 +3577,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -2263,6 +3604,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2274,6 +3774,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2298,7 +3809,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -2638,7 +4148,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -2646,6 +4175,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -2657,6 +4345,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -2681,7 +4380,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3068,7 +4766,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3076,7 +4793,166 @@ spec: required: - repoURL type: object - syncPolicy: + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: properties: automated: properties: @@ -3087,6 +4963,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3111,7 +4998,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3349,7 +5235,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3357,6 +5262,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3368,6 +5432,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3392,7 +5467,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3644,7 +5718,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3652,6 +5745,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3663,6 +5915,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3687,7 +5950,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -3931,7 +6193,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -3939,6 +6220,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -3950,6 +6390,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -3974,7 +6425,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -4007,6 +6457,8 @@ spec: - path type: object type: array + pathParamPrefix: + type: string repoURL: type: string requeueAfterSeconds: @@ -4220,7 +6672,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4228,7 +6699,166 @@ spec: required: - repoURL type: object - syncPolicy: + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: properties: automated: properties: @@ -4239,6 +6869,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4263,13 +6904,13 @@ spec: required: - destination - project - - source type: object required: - metadata - spec type: object required: + - pathParamPrefix - repoURL - revision type: object @@ -4485,7 +7126,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4493,6 +7153,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4504,6 +7323,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4528,7 +7358,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -4868,7 +7697,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -4876,6 +7724,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -4887,6 +7894,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -4911,7 +7929,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5298,7 +8315,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5306,6 +8342,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5317,6 +8512,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -5341,7 +8547,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -5583,7 +8788,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5591,69 +8815,238 @@ spec: required: - repoURL type: object - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: + sources: + items: + properties: + chart: type: string - type: array - type: object - required: - - destination - - project - - source - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - pullRequest: - properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + pullRequest: + properties: + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object username: type: string required: @@ -5963,7 +9356,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -5971,6 +9383,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -5982,6 +9553,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6006,7 +9588,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6344,63 +9925,241 @@ spec: valueFiles: items: type: string - type: array - values: - type: string - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: type: string - type: object - commonLabels: - additionalProperties: + version: type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - type: object - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -6412,6 +10171,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6436,7 +10206,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6470,6 +10239,37 @@ spec: type: array goTemplate: type: boolean + strategy: + properties: + rollingSync: + properties: + steps: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + maxUpdate: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: array + type: object + type: + type: string + type: object syncPolicy: properties: preserveResourcesOnDeletion: @@ -6681,7 +10481,26 @@ spec: type: array name: type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string repoURL: type: string targetRevision: @@ -6689,6 +10508,165 @@ spec: required: - repoURL type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array syncPolicy: properties: automated: @@ -6700,6 +10678,17 @@ spec: selfHeal: type: boolean type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object retry: properties: backoff: @@ -6724,7 +10713,6 @@ spec: required: - destination - project - - source type: object required: - metadata @@ -6736,6 +10724,24 @@ spec: type: object status: properties: + applicationStatus: + items: + properties: + application: + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + status: + type: string + required: + - application + - message + - status + type: object + type: array conditions: items: properties: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c3f6fdab3..6e885f107 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -205,6 +205,12 @@ configs: # -- Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. reposerver.parallelism.limit: 0 + ## ApplicationSet Properties + # -- Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` + applicationsetcontroller.policy: sync + # -- Enables use of the Progressive Syncs capability + applicationsetcontroller.enable.progressive.syncs: false + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: @@ -2147,18 +2153,14 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - args: + # -- DEPRECATED - ApplicationSet controller command line flags + args: {} + # DEPRECATED - Use configs.params.applicationsetcontroller.policy to override # -- How application is synced between the generator and the cluster - policy: sync + # policy: sync + # DEPRECATED - Use configs.params.applicationsetcontroller.dryrun to override # -- Enable dry run mode - dryRun: false + # dryRun: false # -- List of extra cli args to add extraArgs: [] From b1be8fabd462229b0f5acfad528208eed6146c2d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 7 Feb 2023 09:11:10 -0600 Subject: [PATCH 067/356] chore(argo-workflows): Update Argo Workflows to v3.4.5 (#1828) Signed-off-by: jmeridth Co-authored-by: Petr Drastil --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 37846bed1..8ba37092b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.4 +appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.9 +version: 0.22.10 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Workflows to v3.4.5 From 3bede30d3909a2c3d0c48aef3ccc6ddb4a557730 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 8 Feb 2023 02:09:40 +0100 Subject: [PATCH 068/356] fix(argo-cd): Fix ApplicationSet CRD for pathParamPrefix (#1829) fix(argo-cd): Fix ApplicationSet CRD for pathParamPrefix Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/templates/crds/crd-applicationset.yaml | 6 +++--- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c5f6c5fbf..af4de1565 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.0 +version: 5.20.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,7 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.6.0 - - kind: deprecated - description: ApplicationSet args, logFormat and logLevel superseded by configs.params + - kind: fixed + description: Sync latest ApplicationSet CRD diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 7a15b67de..434522422 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -1470,7 +1470,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -3361,7 +3360,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -6910,7 +6908,6 @@ spec: - spec type: object required: - - pathParamPrefix - repoURL - revision type: object @@ -10736,10 +10733,13 @@ spec: type: string status: type: string + step: + type: string required: - application - message - status + - step type: object type: array conditions: From e17d218600091b20a57310df07fbba2d35ae715f Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 8 Feb 2023 17:41:16 +0100 Subject: [PATCH 069/356] docs(argo-cd): Remove incorrect deprecation note (#1830) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/NOTES.txt | 3 --- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index af4de1565..47438c33f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.1 +version: 5.20.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Sync latest ApplicationSet CRD + - kind: removed + description: Removed incorrect deprecation note diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 002d38442..d79d95f0c 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,9 +52,6 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} -{{- if hasKey .Values "createAggregateRoles" }} -DEPRECATED option createAggregateRoles - Use global.rbac.aggregatedRoles -{{- end }} {{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} From eb102d27aa1f84811e4873a781d867ba81cb3cfd Mon Sep 17 00:00:00 2001 From: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Date: Wed, 8 Feb 2023 15:14:07 -0500 Subject: [PATCH 070/356] feat(argo-cd): Upgrade Argo CD to 2.6.1 (#1832) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 47438c33f..321bd3527 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.0 +appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.2 +version: 5.20.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: removed - description: Removed incorrect deprecation note + - kind: changed + description: Upgrade Argo CD to 2.6.1 From 31768175b92e708ebb447dace0a54e1b0df1a7ef Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Fri, 10 Feb 2023 07:43:38 +0900 Subject: [PATCH 071/356] feat(argocd-apps): multiple sources for Application and ApplicationSet (#1831) * feat(argocd-apps): multiple sources for application and applicationset Signed-off-by: toyamagu * fix typo Signed-off-by: toyamagu2021@gmail.com --------- Signed-off-by: toyamagu Signed-off-by: toyamagu2021@gmail.com Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 6 ++-- .../applications-multiple-sources-values.yaml | 28 +++++++++++++++++ .../argocd-apps/ci/applications-values.yaml | 30 +++++++++++++++++++ ...plicationsets-multiple-sources-values.yaml | 24 +++++++++++++++ .../ci/applicationsets-values.yaml | 3 +- .../argocd-apps/templates/applications.yaml | 8 ++++- .../templates/applicationsets.yaml | 8 ++++- charts/argocd-apps/values.yaml | 8 +++++ 8 files changed, 108 insertions(+), 7 deletions(-) create mode 100644 charts/argocd-apps/ci/applications-multiple-sources-values.yaml create mode 100644 charts/argocd-apps/ci/applications-values.yaml create mode 100644 charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 422dc6867..1a2c09148 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.7 +version: 0.0.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: added + description: Multiple sources for Application and ApplicationSet diff --git a/charts/argocd-apps/ci/applications-multiple-sources-values.yaml b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml new file mode 100644 index 000000000..4d21403b4 --- /dev/null +++ b/charts/argocd-apps/ci/applications-multiple-sources-values.yaml @@ -0,0 +1,28 @@ +# Test with multi-source applications + +applications: +- name: argocd-application-multiple-sources + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml new file mode 100644 index 000000000..4d708a16f --- /dev/null +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -0,0 +1,30 @@ +# Test with applications + +applications: +- name: argocd-application + additionalLabels: {} + additionalAnnotations: {} + finalizers: + - resources-finalizer.argocd.argoproj.io + project: default + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook + directory: + recurse: true + destination: + server: https://kubernetes.default.svc + namespace: default + syncPolicy: + automated: + prune: false + selfHeal: false + ignoreDifferences: + - group: apps + kind: Deployment + jsonPointers: + - /spec/replicas + info: + - name: url + value: https://argoproj.github.io/ diff --git a/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml new file mode 100644 index 000000000..f1dd7cda8 --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-multiple-sources-values.yaml @@ -0,0 +1,24 @@ +# Test with multi-source applicationsets + +applicationsets: +- name: applicationset-multiple-sources + generators: + - list: + elements: + - cluster: default-cluster + url: https://kubernetes.default.svc + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: default + sources: + - chart: elasticsearch + repoURL: https://helm.elastic.co + targetRevision: 8.5.1 + - repoURL: https://github.com/argoproj/argocd-example-apps.git + path: guestbook + targetRevision: HEAD + destination: + server: '{{url}}' + namespace: default diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index a76ed41a5..2258f422b 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -1,8 +1,7 @@ # Test with applicationsets applicationsets: -- name: guestbook - namespace: default # Only for test purpose. +- name: applicationset additionalLabels: {} additionalAnnotations: {} # See PR #10026 (ArgoCD v2.5 or later) diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index ea63fc25f..fee643d81 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -23,8 +23,14 @@ metadata: {{- end }} spec: project: {{ tpl .project $ }} + {{- with .source }} source: - {{- toYaml .source | nindent 4 }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .sources }} + sources: + {{- toYaml . | nindent 4 }} + {{- end }} destination: {{- toYaml .destination | nindent 4 }} {{- with .syncPolicy }} diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index 20898d0a8..aa7a3b791 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -52,8 +52,14 @@ spec: {{- with .spec }} spec: project: {{ tpl .project $ }} + {{- with .source }} source: - {{- toYaml .source | nindent 8 }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .sources }} + sources: + {{- toYaml . | nindent 8 }} + {{- end }} destination: {{- toYaml .destination | nindent 8 }} {{- with .syncPolicy }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index b3eaa5d21..62a2509c4 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -15,6 +15,14 @@ applications: [] # path: guestbook # directory: # recurse: true +# # ArgoCD v2.6 or later +# sources: +# - chart: elasticsearch +# repoURL: https://helm.elastic.co +# targetRevision: 8.5.1 +# - repoURL: https://github.com/argoproj/argocd-example-apps.git +# path: guestbook +# targetRevision: HEAD # destination: # server: https://kubernetes.default.svc # namespace: guestbook From c08fc230d75c85b2c9a07138c5c7b7bc957b98df Mon Sep 17 00:00:00 2001 From: Vlad Losev Date: Thu, 9 Feb 2023 21:31:49 -0800 Subject: [PATCH 072/356] fix(argo-workflows): clean subresource permissions (#1835) --- charts/argo-workflows/Chart.yaml | 4 ++-- .../controller/workflow-controller-cluster-roles.yaml | 7 ++++++- .../templates/server/server-cluster-roles.yaml | 9 +++++++-- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8ba37092b..0fe6953a5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.10 +version: 0.22.11 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Workflows to v3.4.5 + description: Cleaned RBAC permissions for subresources (pods/log, pods/exec). diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 34f91c0da..bb08306b8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -14,7 +14,6 @@ rules: - "" resources: - pods - - pods/exec verbs: - create - get @@ -23,6 +22,12 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - pods/exec + verbs: + - create - apiGroups: - "" resources: diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index c3c4e6887..c7d18f50c 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -23,13 +23,18 @@ rules: - "" resources: - pods - - pods/exec - - pods/log verbs: - get - list - watch - delete +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - list {{- if .Values.server.sso }} - apiGroups: - "" From a915e774a53edfb76b654e214aa5de794bf419b2 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 13 Feb 2023 12:22:15 +0100 Subject: [PATCH 073/356] fix(argo-cd): Fix invalid progressive sync parameter (#1839) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 321bd3527..40aed46fc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.3 +version: 5.20.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.6.1 + - kind: fixed + description: Fixed invalid ApplicationSet progressive sync parameter diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 82324f4d1..ff99bd07e 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -136,7 +136,7 @@ spec: - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS valueFrom: configMapKeyRef: - key: applicationsetcontroller.enable.progressive.rollouts + key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true {{- with .Values.applicationSet.extraEnvFrom }} From 4a56a4d7f019f61a4aa2ee348562998f1aa34870 Mon Sep 17 00:00:00 2001 From: nicogl Date: Tue, 14 Feb 2023 09:21:29 -0300 Subject: [PATCH 074/356] fix(argo-cd): Add quotes on Ingress Host to allow wildcards (#1841) * Add quotes on Ingress Host to allow wildcards Signed-off-by: nicogl * Update Chart.yaml Signed-off-by: nicogl --------- Signed-off-by: nicogl --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 40aed46fc..8bb57d7df 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.4 +version: 5.20.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Fixed invalid ApplicationSet progressive sync parameter + description: Fixed missing quotes on Ingress host diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 52269d0a1..0e064b0b3 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -29,7 +29,7 @@ spec: rules: {{- if .Values.server.ingress.hosts }} {{- range $host := .Values.server.ingress.hosts }} - - host: {{ $host }} + - host: {{ $host | quote }} http: paths: {{- with $extraPaths }} From d59ae7bd757f43ad73b118628c732f7da717e7de Mon Sep 17 00:00:00 2001 From: Loris Date: Wed, 15 Feb 2023 01:11:16 +0100 Subject: [PATCH 075/356] feat(argo-cd): Add dnsConfig and dnsPolicy for pods (#1773) feat(argo-cd): Add dnsConfig and dnsPolicy for pods (#1771) Signed-off-by: Loris Torikian Co-authored-by: Loris Torikian Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 14 +++++++++ charts/argo-cd/README.md.gotmpl | 1 + .../statefulset.yaml | 4 +++ .../argocd-applicationset/deployment.yaml | 5 +++ .../bots/slack/deployment.yaml | 5 +++ .../argocd-notifications/deployment.yaml | 5 +++ .../argocd-repo-server/deployment.yaml | 4 +++ .../templates/argocd-server/deployment.yaml | 4 +++ charts/argo-cd/templates/dex/deployment.yaml | 5 +++ .../argo-cd/templates/redis/deployment.yaml | 5 +++ charts/argo-cd/values.yaml | 31 +++++++++++++++++++ 12 files changed, 86 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8bb57d7df..8b857298a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.20.5 +version: 5.21.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed missing quotes on Ingress host + - kind: added + description: Allow dnsConfig pod configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 652620e55..fe1252106 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -466,6 +466,7 @@ NAME: my-release | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | | controller.containerPorts.metrics | int | `8082` | Metrics container port | | controller.containerSecurityContext | object | See [values.yaml] | Application controller container-level security context | +| controller.dnsConfig | object | `{}` | [DNS configuration] | | controller.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for application controller pods | | controller.env | list | `[]` | Environment variables to pass to application controller | | controller.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to application controller | @@ -547,6 +548,7 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | @@ -649,6 +651,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | @@ -794,6 +797,8 @@ server: | dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | +| dex.dnsConfig | object | `{}` | [DNS configuration] | +| dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -869,6 +874,8 @@ server: | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | | redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | +| redis.dnsConfig | object | `{}` | [DNS configuration] | +| redis.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Redis server pods | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -979,6 +986,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.dnsConfig | object | `{}` | [DNS configuration] | +| applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | @@ -1058,6 +1067,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | | notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | +| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | +| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | | notifications.bots.slack.enabled | bool | `false` | Enable slack bot | | notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | | notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | @@ -1085,6 +1096,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | +| notifications.dnsConfig | object | `{}` | [DNS configuration] | +| notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller | | notifications.extraContainers | list | `[]` | Additional containers to be added to the notifications controller pod | @@ -1145,6 +1158,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index fde0c0c88..6cec37321 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -521,6 +521,7 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [CSS styles]: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ [changelog]: https://artifacthub.io/packages/helm/argo/argo-cd?modal=changelog +[DNS configuration]: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ [external cluster credentials]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [declarative setup]: https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 634431dd3..2ada23b4f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -313,4 +313,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.controller.hostNetwork }} + {{- with .Values.controller.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.controller.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ff99bd07e..ca129ffd3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -230,4 +230,9 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + {{- with .Values.applicationSet.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.applicationSet.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 90fcf78ce..b9949aab6 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -65,4 +65,9 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.bots.slack.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }} {{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 85d586ccc..474dc01da 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -121,4 +121,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- with .Values.notifications.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.notifications.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index a39c007c3..67ad60f9e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -357,4 +357,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.repoServer.hostNetwork }} + {{- with .Values.repoServer.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.repoServer.dnsPolicy }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index b0ed47d4a..57d1305b1 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -422,4 +422,8 @@ spec: priorityClassName: {{ . }} {{- end }} hostNetwork: {{ .Values.server.hostNetwork }} + {{- with .Values.server.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} dnsPolicy: {{ .Values.server.dnsPolicy }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 1b3b43380..9acc08711 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -188,4 +188,9 @@ spec: {{- with .Values.dex.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.dex.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.dex.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 6f23e44e1..ff4b29b1d 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -128,4 +128,9 @@ spec: volumes: {{- toYaml . | nindent 8}} {{- end }} + {{- with .Values.redis.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.redis.dnsPolicy }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6e885f107..f444e21cf 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -589,6 +589,8 @@ controller: # -- Host Network for application controller pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for application controller pods dnsPolicy: "ClusterFirst" @@ -890,6 +892,11 @@ dex: # -- Metrics container port metrics: 5558 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Dex server pods + dnsPolicy: "ClusterFirst" + # -- Dex container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1106,6 +1113,11 @@ redis: # -- Metrics container port metrics: 9121 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Redis server pods + dnsPolicy: "ClusterFirst" + # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -1463,6 +1475,8 @@ server: # -- Host Network for Server pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for Server pods dnsPolicy: "ClusterFirst" @@ -1952,6 +1966,8 @@ repoServer: # -- Host Network for Repo server pods hostNetwork: false + # -- [DNS configuration] + dnsConfig: {} # -- Alternative DNS policy for Repo server pods dnsPolicy: "ClusterFirst" @@ -2279,6 +2295,11 @@ applicationSet: # -- Webhook container port webhook: 7000 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for ApplicationSet controller pods + dnsPolicy: "ClusterFirst" + # -- ApplicationSet controller container-level security context # @default -- See [values.yaml] containerSecurityContext: @@ -2549,6 +2570,11 @@ notifications: # -- Metrics container port metrics: 9001 + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for notifications controller Pods + dnsPolicy: "ClusterFirst" + # -- Notification controller container-level security Context # @default -- See [values.yaml] containerSecurityContext: @@ -2930,6 +2956,11 @@ notifications: # -- Annotations applied to created service account annotations: {} + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for Slack bot pods + dnsPolicy: "ClusterFirst" + # -- Slack bot container-level security Context # @default -- See [values.yaml] containerSecurityContext: From 70fd1b3fe64e127a28780c33dc25b7f9670be753 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 17 Feb 2023 17:23:33 +0900 Subject: [PATCH 076/356] chore(argo-cd): Upgrade Argo CD to v2.6.2 (#1844) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8b857298a..7519bc45f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.1 +appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.0 +version: 5.21.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Allow dnsConfig pod configuration + - kind: changed + description: Upgrade Argo CD to v2.6.2 From 51386c69be246d233d106ca97d33fda6b63b0caa Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 17 Feb 2023 17:38:17 +0100 Subject: [PATCH 077/356] feat(argo-cd): Add global affinity configuration (#1794) --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 23 +++++--- charts/argo-cd/README.md.gotmpl | 4 ++ charts/argo-cd/templates/_common.tpl | 54 +++++++++++++++++++ .../statefulset.yaml | 6 +-- .../argocd-applicationset/deployment.yaml | 6 +-- .../bots/slack/deployment.yaml | 6 +-- .../argocd-notifications/deployment.yaml | 6 +-- .../argocd-repo-server/deployment.yaml | 6 +-- .../templates/argocd-server/deployment.yaml | 6 +-- charts/argo-cd/templates/dex/deployment.yaml | 4 +- .../argo-cd/templates/redis/deployment.yaml | 4 +- charts/argo-cd/values.yaml | 25 +++++++++ 13 files changed, 115 insertions(+), 41 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7519bc45f..76bdbde6a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.21.1 +version: 5.22.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.6.2 + - kind: added + description: Global affinity configuration diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fe1252106..2533c1802 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. @@ -381,6 +385,9 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -460,7 +467,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| controller.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | controller.args | object | `{}` | DEPRECATED - Application controller commandline flags | | controller.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the application controller's ClusterRole resource | | controller.clusterRoleRules.rules | list | `[]` | List of custom rules for the application controller's ClusterRole resource | @@ -529,7 +536,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| repoServer.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | @@ -622,7 +629,7 @@ NAME: my-release | server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | -| server.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | @@ -785,7 +792,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| dex.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| dex.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | dex.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-dex-server-tls secret | | dex.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | dex.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) | @@ -869,7 +876,7 @@ server: | Key | Type | Default | Description | |-----|------|---------|-------------| -| redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| redis.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | | redis.containerPorts.metrics | int | `9121` | Metrics container port | | redis.containerPorts.redis | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | @@ -979,7 +986,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | +| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | @@ -1063,9 +1070,9 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| notifications.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` | Assign custom [affinity] rules | +| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | | notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | | notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6cec37321..f450e0e7c 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,10 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.21.0 + +This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. + ### 5.19.0 This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f5154e47d..2ba53d8cc 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -63,3 +63,57 @@ app.kubernetes.io/instance: {{ .context.Release.Name }} app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} + +{{/* +Common affinity definition +Pod affinity + - Soft prefers different nodes + - Hard requires different nodes and prefers different availibility zones +Node affinity + - Soft prefers given user expressions + - Hard requires given user expressions +*/}} +{{- define "argo-cd.affinity" -}} +{{- with .component.affinity -}} + {{- toYaml . -}} +{{- else -}} +{{- $preset := .context.Values.global.affinity -}} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + {{- if (eq $preset.podAntiAffinity "soft") }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- else }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: topology.kubernetes.io/zone + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: + app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} + topologyKey: kubernetes.io/hostname + {{- end }} +{{- with $preset.nodeAffinity.matchExpressions }} +nodeAffinity: + {{- if (eq $preset.nodeAffinity.type "soft") }} + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + {{- toYaml . | nindent 6 }} + {{- else }} + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + {{- toYaml . | nindent 6 }} + {{- end }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2ada23b4f..0a161362a 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -264,6 +264,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} {{- with .Values.controller.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -272,10 +274,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.controller.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index ca129ffd3..462ebcbaa 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -198,14 +198,12 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.applicationSet.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index b9949aab6..2749cb2b4 100644 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -53,14 +53,12 @@ spec: {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} securityContext: {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} {{- with .Values.notifications.bots.slack.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.bots.slack.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.bots.slack.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 474dc01da..5efc09653 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -88,14 +88,12 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} {{- with .Values.notifications.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.notifications.tolerations }} tolerations: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 67ad60f9e..00e73d8a2 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -291,6 +291,8 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} {{- with .Values.repoServer.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -299,10 +301,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.repoServer.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 57d1305b1..bb3940065 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -348,6 +348,8 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + affinity: + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} {{- with .Values.server.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -356,10 +358,6 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.server.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 9acc08711..7fea0b485 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -146,10 +146,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} {{- with .Values.dex.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ff4b29b1d..ffff4badc 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -106,10 +106,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.affinity }} affinity: - {{- toYaml . | nindent 8 }} - {{- end }} + {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} {{- with .Values.redis.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f444e21cf..b3706c5ab 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -92,12 +92,29 @@ global: # hostnames: # - git.myhostname + # Default network policy rules used by all components networkPolicy: # -- Create NetworkPolicy objects for all components create: false # -- Default deny all ingress traffic defaultDenyIngress: false + # Default affinity preset for all components + affinity: + # -- Default pod anti-affinity rules. Either: `soft` or `hard` + podAntiAffinity: soft + # Node affinity rules + nodeAffinity: + # -- Default node affinity rules. Either: `soft` or `hard` + type: hard + # -- Default match expressions for node affinity + matchExpressions: [] + # - key: topology.kubernetes.io/zone + # operator: In + # values: + # - antarctica-east1 + # - antarctica-west1 + ## Argo Configs configs: # General Argo CD configuration @@ -627,6 +644,7 @@ controller: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller @@ -965,6 +983,7 @@ dex: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex @@ -1136,6 +1155,7 @@ redis: tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis @@ -1523,6 +1543,7 @@ server: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server @@ -2014,6 +2035,7 @@ repoServer: # -- [Tolerations] for use with node taints tolerations: [] # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server @@ -2349,6 +2371,7 @@ applicationSet: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. @@ -2594,6 +2617,7 @@ notifications: tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Priority class for the notifications controller pods @@ -2983,6 +3007,7 @@ notifications: # memory: 128Mi # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- [Tolerations] for use with node taints From 63b741ed580be65282a957855787f94ffc00b3b1 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 19 Feb 2023 13:38:02 +0100 Subject: [PATCH 078/356] chore(argo-cd): Group component templates together (#1847) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/templates/_helpers.tpl | 100 +++++++++++++------------- 2 files changed, 53 insertions(+), 53 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 76bdbde6a..efd96096b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.22.0 +version: 5.22.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Global affinity configuration + - kind: changed + description: Grouped component templates together diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index bd99fc9dd..76abc8d28 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -8,6 +8,17 @@ to 63 chars and it includes 10 chars of hash and a separating '-'. {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.controller.name | trunc 52 | trimSuffix "-" -}} {{- end -}} +{{/* +Create the name of the controller service account to use +*/}} +{{- define "argo-cd.controllerServiceAccountName" -}} +{{- if .Values.controller.serviceAccount.create -}} + {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.controller.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create dex name and version as used by the chart label. */}} @@ -26,6 +37,17 @@ Create Dex server endpoint {{- printf "%s://%s:%d" $scheme $host $port }} {{- end }} +{{/* +Create the name of the dex service account to use +*/}} +{{- define "argo-cd.dexServiceAccountName" -}} +{{- if .Values.dex.serviceAccount.create -}} + {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.dex.serviceAccount.name }} +{{- end -}} +{{- end -}} + {{/* Create redis name and version as used by the chart label. */}} @@ -53,56 +75,6 @@ Return Redis server endpoint {{- end }} {{- end -}} -{{/* -Create argocd server name and version as used by the chart label. -*/}} -{{- define "argo-cd.server.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd repo-server name and version as used by the chart label. -*/}} -{{- define "argo-cd.repoServer.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd application set name and version as used by the chart label. -*/}} -{{- define "argo-cd.applicationSet.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create argocd notifications name and version as used by the chart label. -*/}} -{{- define "argo-cd.notifications.fullname" -}} -{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the controller service account to use -*/}} -{{- define "argo-cd.controllerServiceAccountName" -}} -{{- if .Values.controller.serviceAccount.create -}} - {{ default (include "argo-cd.controller.fullname" .) .Values.controller.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.controller.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the dex service account to use -*/}} -{{- define "argo-cd.dexServiceAccountName" -}} -{{- if .Values.dex.serviceAccount.create -}} - {{ default (include "argo-cd.dex.fullname" .) .Values.dex.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.dex.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Create the name of the redis service account to use */}} @@ -114,6 +86,13 @@ Create the name of the redis service account to use {{- end -}} {{- end -}} +{{/* +Create argocd server name and version as used by the chart label. +*/}} +{{- define "argo-cd.server.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.server.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the Argo CD server service account to use */}} @@ -125,6 +104,13 @@ Create the name of the Argo CD server service account to use {{- end -}} {{- end -}} +{{/* +Create argocd repo-server name and version as used by the chart label. +*/}} +{{- define "argo-cd.repoServer.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the repo-server service account to use */}} @@ -136,6 +122,13 @@ Create the name of the repo-server service account to use {{- end -}} {{- end -}} +{{/* +Create argocd application set name and version as used by the chart label. +*/}} +{{- define "argo-cd.applicationSet.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the application set service account to use */}} @@ -147,6 +140,13 @@ Create the name of the application set service account to use {{- end -}} {{- end -}} +{{/* +Create argocd notifications name and version as used by the chart label. +*/}} +{{- define "argo-cd.notifications.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the notifications service account to use */}} From 99932a96c28af3d06432ace85dc00b52abcbae5d Mon Sep 17 00:00:00 2001 From: Vadim Grek Date: Tue, 21 Feb 2023 03:14:33 +0200 Subject: [PATCH 079/356] chore(argo-events): Upgrade Argo Events to v1.7.6 (#1849) --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 160f6cf63..9318cb850 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.5 +appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.2 +version: 2.1.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Events to v1.7.6 From 2ae7e1ad0dc7a7cb64a1bf03c38a151f207291d3 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 23 Feb 2023 17:57:15 +0100 Subject: [PATCH 080/356] chore(argo-cd): Remove notification bot (#1854) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 26 ----- charts/argo-cd/templates/_helpers.tpl | 11 -- .../bots/slack/deployment.yaml | 71 ------------ .../argocd-notifications/bots/slack/pdb.yaml | 26 ----- .../argocd-notifications/bots/slack/role.yaml | 27 ----- .../bots/slack/rolebinding.yaml | 13 --- .../bots/slack/service.yaml | 19 ---- .../bots/slack/serviceaccount.yaml | 15 --- charts/argo-cd/values.yaml | 105 ------------------ 10 files changed, 3 insertions(+), 316 deletions(-) delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml delete mode 100644 charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index efd96096b..2d1a2cc3c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.22.1 +version: 5.23.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Grouped component templates together + - kind: removed + description: Removed notification bot that is no longer supported diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2533c1802..6b2a88af7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1072,32 +1072,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | -| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | -| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context | -| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] | -| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods | -| notifications.bots.slack.enabled | bool | `false` | Enable slack bot | -| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot | -| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot | -| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot | -| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot | -| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | -| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` | -| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` | -| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] | -| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb | -| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot | -| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb | -| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | -| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot | -| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot | -| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot | -| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot | -| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | -| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | -| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. | -| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 76abc8d28..377a07e12 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -158,17 +158,6 @@ Create the name of the notifications service account to use {{- end -}} {{- end -}} -{{/* -Create the name of the notifications bots slack service account to use -*/}} -{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}} -{{- if .Values.notifications.bots.slack.serviceAccount.create -}} - {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.notifications.bots.slack.serviceAccount.name }} -{{- end -}} -{{- end -}} - {{/* Argo Configuration Preset Values (Incluenced by Values configuration) */}} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml deleted file mode 100644 index 2749cb2b4..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ /dev/null @@ -1,71 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - name: {{ template "argo-cd.notifications.fullname" . }}-bot - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} -spec: - replicas: 1 - revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} - strategy: - type: Recreate - selector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} - template: - metadata: - labels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }} - spec: - {{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.global.securityContext }} - securityContext: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "argo-cd.notificationsBotsSlackServiceAccountName" . }} - containers: - - name: {{ include "argo-cd.notifications.fullname" . }}-bot - image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }} - imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }} - command: - - argocd-notifications - - bot - - --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }} - - --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }} - {{- range .Values.notifications.bots.slack.extraArgs }} - - {{ . | squote }} - {{- end }} - workingDir: /app - ports: - - containerPort: 8080 - name: http - resources: - {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }} - securityContext: - {{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }} - affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }} - {{- with .Values.notifications.bots.slack.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.notifications.bots.slack.dnsConfig }} - dnsConfig: - {{- toYaml . | nindent 8 }} - {{- end }} - dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml deleted file mode 100644 index 60df983e8..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/pdb.yaml +++ /dev/null @@ -1,26 +0,0 @@ -{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: {{ include "argo-cd.notifications.fullname" . }}-bot - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} - {{- with .Values.notifications.bots.slack.pdb.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} - {{- with .Values.notifications.bots.slack.pdb.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - {{- with .Values.notifications.bots.slack.pdb.maxUnavailable }} - maxUnavailable: {{ . }} - {{- else }} - minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }} - {{- end }} - selector: - matchLabels: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} -{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml deleted file mode 100644 index 26df5b9c7..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml deleted file mode 100644 index 80813f5e4..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "argo-cd.notifications.fullname" . }}-bot -subjects: -- kind: ServiceAccount - name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml deleted file mode 100644 index 5cbbd2b14..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "argo-cd.notifications.fullname" . }}-bot - {{- if .Values.notifications.bots.slack.service.annotations }} - annotations: - {{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }} - {{- end }} -spec: - ports: - - name: http - port: {{ .Values.notifications.bots.slack.service.port }} - protocol: TCP - targetPort: http - selector: - {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }} - type: {{ .Values.notifications.bots.slack.service.type }} -{{ end }} diff --git a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml deleted file mode 100644 index bdffa2cf8..000000000 --- a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }} -metadata: - name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }} -{{- if .Values.notifications.bots.slack.serviceAccount.annotations }} - annotations: - {{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} -{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b3706c5ab..1c6837d7a 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2910,108 +2910,3 @@ notifications: # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers # defaultTriggers: | # - on-sync-status-unknown - - ## The optional bot component simplifies managing subscriptions - ## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/ - bots: - slack: - # -- Enable slack bot - ## You have to set secret.notifiers.slack.signingSecret - enabled: false - - ## Slack bot Pod Disruption Budget - ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ - pdb: - # -- Deploy a [PodDisruptionBudget] for the Slack bot - enabled: false - # -- Labels to be added to Slack bot pdb - labels: {} - # -- Annotations to be added to Slack bot pdb - annotations: {} - # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) - # @default -- `""` (defaults to 0 if not specified) - minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). - ## Has higher precedence over `notifications.bots.slack.pdb.minAvailable` - maxUnavailable: "" - - ## Slack bot image - image: - # -- Repository to use for the Slack bot - # @default -- `""` (defaults to global.image.repository) - repository: "" - # -- Tag to use for the Slack bot - # @default -- `""` (defaults to global.image.tag) - tag: "" - # -- Image pull policy for the Slack bot - # @default -- `""` (defaults to global.image.imagePullPolicy) - imagePullPolicy: "" - - # -- Secrets with credentials to pull images from a private registry - # @default -- `[]` (defaults to global.imagePullSecrets) - imagePullSecrets: [] - - # -- Slack bot log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- Slack bot log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" - - # -- List of extra cli args to add for Slack bot - extraArgs: [] - - service: - # -- Service annotations for Slack bot - annotations: {} - # -- Service port for Slack bot - port: 80 - # -- Service type for Slack bot - type: LoadBalancer - - serviceAccount: - # -- Specifies whether a service account should be created - create: true - - # -- The name of the service account to use. - ## If not set and create is true, a name is generated using the fullname template - name: argocd-notifications-bot - - # -- Annotations applied to created service account - annotations: {} - - # -- [DNS configuration] - dnsConfig: {} - # -- Alternative DNS policy for Slack bot pods - dnsPolicy: "ClusterFirst" - - # -- Slack bot container-level security Context - # @default -- See [values.yaml] - containerSecurityContext: - runAsNonRoot: true - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - seccompProfile: - type: RuntimeDefault - capabilities: - drop: - - ALL - - # -- Resource limits and requests for the Slack bot - resources: {} - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # -- Assign custom [affinity] rules - # @default -- `{}` (defaults to global.affinity preset) - affinity: {} - - # -- [Tolerations] for use with node taints - tolerations: [] - - # -- [Node selector] - nodeSelector: {} From 4735ea5cfb536a67392a4efc1ca8d4387639384f Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 23 Feb 2023 11:44:01 -0600 Subject: [PATCH 081/356] chore(argo-workflows): Update docs to mention why CRDs are in templates folder (#1857) Closes #1785 Borrowed `Custom resource definition` from argo-cd helm chart README and added it to argo-workflows helm chart README Signed-off-by: jmeridth --- CONTRIBUTING.md | 2 +- README.md | 21 +++++++++++++++++++-- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 15 +++++++++++++++ charts/argo-workflows/README.md.gotmpl | 15 +++++++++++++++ 5 files changed, 52 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 535bbbb39..1f7745b5f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -122,7 +122,7 @@ helm install charts/argo-workflows -n argo argo version ``` -Follow this instructions for running a hello world workflow. +Follow [these](https://argoproj.github.io/argo-workflows/quick-start/#submitting-an-example-workflow) instructions for running a hello world workflow. ### Testing Argo CD Changes diff --git a/README.md b/README.md index 1d96a35fa..210b9a83a 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: -``` +```bash helm repo add argo https://argoproj.github.io/argo-helm ``` @@ -15,10 +15,27 @@ helm repo add argo https://argoproj.github.io/argo-helm We'd love to have you contribute! Please refer to our [contribution guidelines](CONTRIBUTING.md) for details. +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of the main four charts (argo-cd, argo-workflows, argo-events, argo-rollouts) by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `/templates` to address this design decision. + +If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +Example: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=" + +# Eg. version v2.4.9 +kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" +``` + ### Security Policy If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). ### Changelog -Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). \ No newline at end of file +Releases are managed independently for each helm chart, and changelogs are tracked on each release. Read more about this process [here](https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md#changelog). diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0fe6953a5..5891ca58b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.11 +version: 0.22.12 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Cleaned RBAC permissions for subresources (pods/log, pods/exec). + description: Update documentation to explain why CRDs are in templates folder diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 19bc0ee21..78d5780b4 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -13,6 +13,21 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `/templates` to address this design decision. + +If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=" + +# Eg. version v3.3.9 +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index a263139bd..0a441821f 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -13,6 +13,21 @@ A few options are: - Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec - Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions +### Custom resource definitions + +Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. + +Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Starting with 3.4.0 (chart version 0.19.0), the CRDs have been moved to `/templates` to address this design decision. + +If you are using Argo Workflows chart version prior to 3.4.0 (chart version 0.19.0) or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: + +```bash +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=" + +# Eg. version v3.3.9 +kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. From 88b92909e6b97bddce6c61f655a9ae677c743600 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 23 Feb 2023 19:11:54 +0100 Subject: [PATCH 082/356] chore(argo-cd): Add missing hostAliases to all components (#1848) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 10 +++++----- .../templates/argocd-applicationset/deployment.yaml | 8 ++++---- .../templates/argocd-notifications/deployment.yaml | 4 ++++ .../templates/argocd-repo-server/deployment.yaml | 11 +++++------ .../argo-cd/templates/argocd-server/deployment.yaml | 10 +++++----- charts/argo-cd/templates/dex/deployment.yaml | 10 +++++----- charts/argo-cd/templates/redis/deployment.yaml | 4 ++++ 8 files changed, 35 insertions(+), 28 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2d1a2cc3c..2998c691e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.0 +version: 5.23.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: removed - description: Removed notification bot that is no longer supported + - kind: added + description: Missing hostAliases for notification controller and redis diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0a161362a..f8460906b 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -37,10 +37,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - command: - argocd-application-controller @@ -285,11 +290,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.controller.volumes }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 462ebcbaa..6011cd0ba 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -35,15 +35,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} containers: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 5efc09653..e3e7968b7 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -37,6 +37,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 00e73d8a2..28bd3b6dc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -40,11 +40,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} @@ -312,11 +316,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index bb3940065..ea3d3a6ed 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -37,10 +37,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} @@ -369,11 +374,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 7fea0b485..d2189cc37 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -39,10 +39,15 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with.Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} + serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -159,11 +164,6 @@ spec: {{- end }} {{- end }} {{- end }} - serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} - {{- with .Values.global.hostAliases }} - hostAliases: - {{- toYaml . | nindent 6 }} - {{- end }} volumes: - name: static-files emptyDir: {} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ffff4badc..e23fe46ca 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -36,6 +36,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.redis.securityContext }} securityContext: {{- toYaml . | nindent 8 }} From f66c40319a280abcf1e831f57ed1190ec264a05b Mon Sep 17 00:00:00 2001 From: Jonathan Muller Date: Fri, 24 Feb 2023 22:56:41 +0100 Subject: [PATCH 083/356] chore(argo-workflows): expose option to control the log format/level (#1855) * Allow to change the log format to json Signed-off-by: Jonathan Muller * Documentation, version Signed-off-by: Jonathan Muller --------- Signed-off-by: Jonathan Muller --- charts/argo-workflows/Chart.yaml | 12 +++++++++--- charts/argo-workflows/README.md | 4 ++++ .../controller/workflow-controller-deployment.yaml | 2 ++ .../templates/server/server-deployment.yaml | 6 ++++++ charts/argo-workflows/values.yaml | 10 ++++++++++ 5 files changed, 31 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 5891ca58b..b5f882111 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.12 +version: 0.22.13 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,11 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Update documentation to explain why CRDs are in templates folder + - kind: added + description: Added workflow startup option --log-format (defaults to 'text'). + - kind: added + description: Added server startup option --log-format (defaults to 'text'). + - kind: added + description: Added server startup option --loglevel (defaults to 'info'). + - kind: added + description: Added server startup option --gloglevel (defaults to '0'). diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 78d5780b4..d6fa862c0 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -106,6 +106,7 @@ Fields to note: | controller.links | list | `[]` | Configure Argo Server to show custom [links] | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| controller.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | | controller.logging.globallevel | string | `"0"` | Set the glog logging level | | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | @@ -214,6 +215,9 @@ Fields to note: | server.ingress.tls | list | `[]` | Ingress TLS configuration | | server.loadBalancerIP | string | `""` | Static IP address to assign to loadBalancer service type `LoadBalancer` | | server.loadBalancerSourceRanges | list | `[]` | Source ranges to allow access to service from. Only applies to service type `LoadBalancer` | +| server.logging.format | string | `"text"` | Set the logging format (one of: `text`, `json`) | +| server.logging.globallevel | string | `"0"` | Set the glog logging level | +| server.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | server.name | string | `"server"` | Server name string | | server.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | [Node selector] | | server.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the server pods | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index b90122ca2..8f4f783f2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -46,6 +46,8 @@ spec: - "{{ .Values.controller.logging.level }}" - "--gloglevel" - "{{ .Values.controller.logging.globallevel }}" + - "--log-format" + - "{{ .Values.controller.logging.format }}" {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 70b1495c8..e5230cd0d 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -49,6 +49,12 @@ spec: {{- if .Values.singleNamespace }} - "--namespaced" {{- end }} + - "--loglevel" + - "{{ .Values.server.logging.level }}" + - "--gloglevel" + - "{{ .Values.server.logging.globallevel }}" + - "--log-format" + - "{{ .Values.server.logging.format }}" ports: - name: web containerPort: 2746 diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bb102c8be..904d766b5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -216,6 +216,8 @@ controller: level: info # -- Set the glog logging level globallevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" # -- Service type of the controller Service serviceType: ClusterIP @@ -469,6 +471,14 @@ server: # extraArgs: # - --auth-mode=server + logging: + # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) + level: info + # -- Set the glog logging level + globallevel: "0" + # -- Set the logging format (one of: `text`, `json`) + format: "text" + # -- Additional volume mounts to the server main container. volumeMounts: [] # -- Additional volumes to the server pod. From 4f48352af1067cd18908cccf8a1e2e9ebb386cd8 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 24 Feb 2023 18:26:24 -0600 Subject: [PATCH 084/356] fix(github): Replace deprecated set-output from github-actions (#1860) fix(github): Remove deprecated set-output from github-actions Warning in GitHub Actions: ``` Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/ ``` Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 33942db01..0158f3fa3 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,8 +38,8 @@ jobs: changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then - echo "::set-output name=changed::true" - echo "::set-output name=changed_charts::$charts" + echo "changed=true" >> $GITHUB_STATE + echo "changed_charts=$charts" >> $GITHUB_STATE fi - name: Run chart-testing (lint) From 3a6617ce8f76284776486007cf3279501068cc83 Mon Sep 17 00:00:00 2001 From: Juan Carrillo Date: Sun, 26 Feb 2023 10:34:01 -0600 Subject: [PATCH 085/356] fix(argo-cd): Fix typo in values.yaml (#1862) Signed-off-by: Juan Carrillo --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 14 +++++++------- charts/argo-cd/values.yaml | 18 +++++++++--------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2998c691e..138e7c666 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.1 +version: 5.23.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Missing hostAliases for notification controller and redis + - kind: fixed + description: Fixed typos in values.yaml and README.md diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6b2a88af7..3cc94e791 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -509,7 +509,7 @@ NAME: my-release | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | -| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | @@ -592,7 +592,7 @@ NAME: my-release | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | -| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | @@ -642,7 +642,7 @@ NAME: my-release | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | | server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | | server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | -| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` | +| server.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` | | server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | | server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | | server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | @@ -725,7 +725,7 @@ NAME: my-release | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | -| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | @@ -955,7 +955,7 @@ The main options are listed here: | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | -| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | +| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | @@ -1033,7 +1033,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | -| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | @@ -1112,7 +1112,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | | notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb | -| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 1c6837d7a..d7c5c8536 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -499,7 +499,7 @@ controller: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `controller.pdb.minAvailable` maxUnavailable: "" @@ -623,7 +623,7 @@ controller: drop: - ALL - # Rediness probe for application controller + # Readiness probe for application controller ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ readinessProbe: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded @@ -1243,7 +1243,7 @@ redis-ha: # -- Tag to use for the redis-exporter tag: 1.45.0 persistentVolume: - # -- Configures persistency on Redis nodes + # -- Configures persistence on Redis nodes enabled: false redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated @@ -1342,7 +1342,7 @@ server: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `server.pdb.minAvailable` maxUnavailable: "" @@ -1380,7 +1380,7 @@ server: lifecycle: {} ## Argo UI extensions - ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. + ## This function in tech preview stage, do expect instability or breaking changes in newer versions. ## Ref: https://github.com/argoproj-labs/argocd-extensions extensions: # -- Enable support for Argo UI extensions @@ -1583,7 +1583,7 @@ server: group: "" # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` kind: "" - # -- Certificate isser name. Eg. `letsencrypt` + # -- Certificate issuer name. Eg. `letsencrypt` name: "" # Private key of the certificate privateKey: @@ -1885,7 +1885,7 @@ repoServer: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `repoServer.pdb.minAvailable` maxUnavailable: "" @@ -2171,7 +2171,7 @@ applicationSet: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `applicationSet.pdb.minAvailable` maxUnavailable: "" @@ -2445,7 +2445,7 @@ notifications: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `notifications.pdb.minAvailable` maxUnavailable: "" From fdebbabf173f5b1f78f78d8113be0399c09f653c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 28 Feb 2023 17:31:51 +0900 Subject: [PATCH 086/356] chore(argo-cd): Upgrade Argo CD to v2.6.3 (#1868) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 138e7c666..5d082b2bd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.2 +appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.2 +version: 5.23.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Fixed typos in values.yaml and README.md + - kind: changed + description: Upgrade Argo CD to v.2.6.3 From c21aa4c86ab4b03f52653b6b35087ce1fec29cd0 Mon Sep 17 00:00:00 2001 From: ugoogalizer Date: Wed, 1 Mar 2023 08:53:17 +1100 Subject: [PATCH 087/356] fix(argo-cd): Added pod exec permission to argo-server Role when exec.enabled is True. (#1867) * Added pods exec to role permissions The argocd-server Role requires the pods/exec create permission in order to be able to start the web based terminal as per: https://argo-cd.readthedocs.io/en/stable/operator-manual/web_based_terminal/ This brings the Role in line with the ClusterRole change already made Signed-off-by: ugoogalizer * bumped version Signed-off-by: ugoogalizer * Added description of change Signed-off-by: ugoogalizer * Removed trailing whitespace Signed-off-by: ugoogalizer --------- Signed-off-by: ugoogalizer Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 8 ++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5d082b2bd..cd17b7ce3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.3 +version: 5.23.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v.2.6.3 + - kind: added + description: Added pod exec permission to argo-server Role when exec.enabled is True. diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index f4c5d533e..477aa7a30 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -42,3 +42,11 @@ rules: verbs: - create - list +{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} +- apiGroups: + - "" +resources: + - pods/exec +verbs: + - create +{{- end }} From 7b499adc8b59a0561962c6cf4310507e4bb26b2a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 1 Mar 2023 00:30:03 +0100 Subject: [PATCH 088/356] fix(argo-cd): Fix indentation for argocd-server role (#1871) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cd17b7ce3..412180ce5 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.4 +version: 5.23.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Added pod exec permission to argo-server Role when exec.enabled is True. + - kind: fixed + description: Indentation for argo-server role when exec.enabled is True. diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 477aa7a30..16164a9a4 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -45,8 +45,8 @@ rules: {{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }} - apiGroups: - "" -resources: + resources: - pods/exec -verbs: + verbs: - create {{- end }} From 053a338ea9f2c85ed5df37409d4ab1352c43c419 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Thu, 2 Mar 2023 15:28:23 +0100 Subject: [PATCH 089/356] feat(argo-cd): Add additional global parameters for scheduling (#1846) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 16 ++- charts/argo-cd/README.md | 69 ++++++---- charts/argo-cd/README.md.gotmpl | 7 +- charts/argo-cd/templates/_common.tpl | 15 +- .../statefulset.yaml | 16 ++- .../argocd-applicationset/deployment.yaml | 19 ++- .../argocd-notifications/deployment.yaml | 23 +++- .../argocd-repo-server/deployment.yaml | 16 ++- .../templates/argocd-server/deployment.yaml | 16 ++- charts/argo-cd/templates/dex/deployment.yaml | 20 +-- .../argo-cd/templates/redis/deployment.yaml | 16 ++- charts/argo-cd/values.yaml | 130 +++++++++++++----- 12 files changed, 248 insertions(+), 115 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 412180ce5..2760c828b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.23.5 +version: 5.24.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,15 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Indentation for argo-server role when exec.enabled is True. + - kind: added + description: Global nodeSelector configuration + - kind: added + description: Global tolerations configuration + - kind: added + description: Global topologySpreadConstraints configuration + - kind: added + description: Missing component level topologySpreadConstraints configuration + - kind: added + description: Missing component level priorityClassName configuration + - kind: changed + description: Global affinity preset can be disabled diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3cc94e791..21a945fa8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,7 +105,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. -### 5.21.0 +### 5.24.0 + +This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +Default `global.affinity` rules can be disabled when `none` value is used for the preset. + +### 5.22.0 This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. @@ -386,8 +391,8 @@ NAME: my-release |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | -| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` | -| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` | +| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | +| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | @@ -398,11 +403,15 @@ NAME: my-release | global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` | | global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components | | global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic | +| global.nodeSelector | object | `{}` | Default node selector for all components | | global.podAnnotations | object | `{}` | Annotations for the all deployed pods | | global.podLabels | object | `{}` | Labels for the all deployed pods | +| global.priorityClassName | string | `""` | Default priority class for all components | | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | +| global.tolerations | object | `{}` | Default tolerations for all components | +| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs @@ -505,7 +514,7 @@ NAME: my-release | controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | controller.name | string | `"application-controller"` | Application controller name string | -| controller.nodeSelector | object | `{}` | [Node selector] | +| controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb | | controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller | | controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb | @@ -513,7 +522,7 @@ NAME: my-release | controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.podLabels | object | `{}` | Labels to be added to application controller pods | -| controller.priorityClassName | string | `""` | Priority class for the application controller pods | +| controller.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the application controller pods | | controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -527,8 +536,8 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | -| controller.tolerations | list | `[]` | [Tolerations] for use with node taints | -| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | +| controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | | controller.volumes | list | `[]` | Additional volumes to the application controller pod | @@ -588,7 +597,7 @@ NAME: my-release | repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | repoServer.name | string | `"repo-server"` | Repo server name | -| repoServer.nodeSelector | object | `{}` | [Node selector] | +| repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb | | repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server | | repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb | @@ -596,7 +605,7 @@ NAME: my-release | repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods | | repoServer.podLabels | object | `{}` | Labels to be added to repo server pods | -| repoServer.priorityClassName | string | `""` | Priority class for the repo server | +| repoServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the repo server pods | | repoServer.rbac | list | `[]` | Repo server rbac rules | | repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -614,8 +623,8 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | -| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints | -| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | @@ -721,7 +730,7 @@ NAME: my-release | server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | server.name | string | `"server"` | Argo CD server name | -| server.nodeSelector | object | `{}` | [Node selector] | +| server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb | | server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server | | server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb | @@ -729,7 +738,7 @@ NAME: my-release | server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | server.podAnnotations | object | `{}` | Annotations to be added to server pods | | server.podLabels | object | `{}` | Labels to be added to server pods | -| server.priorityClassName | string | `""` | Priority class for the Argo CD server | +| server.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the Argo CD server pods | | server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | @@ -761,8 +770,8 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | -| server.tolerations | list | `[]` | [Tolerations] for use with node taints | -| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | +| server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | | server.volumes | list | `[]` | Additional volumes to the server pod | @@ -840,7 +849,7 @@ server: | dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | dex.name | string | `"dex-server"` | Dex name | -| dex.nodeSelector | object | `{}` | [Node selector] | +| dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb | | dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server | | dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb | @@ -848,7 +857,7 @@ server: | dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods | | dex.podLabels | object | `{}` | Labels to be added to the Dex server pods | -| dex.priorityClassName | string | `""` | Priority class for dex | +| dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods | | dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 | | dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -865,8 +874,8 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | -| dex.tolerations | list | `[]` | [Tolerations] for use with node taints | -| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex | +| dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | | dex.volumes | list | `[]` | Additional volumes to the dex pod | @@ -917,7 +926,7 @@ server: | redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | redis.name | string | `"redis"` | Redis name | -| redis.nodeSelector | object | `{}` | [Node selector] | +| redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb | | redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis | | redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb | @@ -925,7 +934,7 @@ server: | redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods | | redis.podLabels | object | `{}` | Labels to be added to the Redis server pods | -| redis.priorityClassName | string | `""` | Priority class for redis | +| redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods | | redis.resources | object | `{}` | Resource limits and requests for redis | | redis.securityContext | object | See [values.yaml] | Redis pod-level security context | | redis.service.annotations | object | `{}` | Redis service annotations | @@ -935,8 +944,8 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | -| redis.tolerations | list | `[]` | [Tolerations] for use with node taints | -| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis | +| redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | | redis.volumes | list | `[]` | Additional volumes to the redis pod | @@ -1029,7 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | -| applicationSet.nodeSelector | object | `{}` | [Node selector] | +| applicationSet.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | @@ -1037,7 +1046,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | | applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | -| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | +| applicationSet.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the ApplicationSet controller pods | | applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | | applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | applicationSet.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | @@ -1055,7 +1064,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | -| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | +| applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | | applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | @@ -1107,7 +1117,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | | notifications.name | string | `"notifications-controller"` | Notifications controller name string | -| notifications.nodeSelector | object | `{}` | [Node selector] | +| notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook | | notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb | | notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller | @@ -1116,7 +1126,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | | notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods | | notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods | -| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods | +| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods | | notifications.resources | object | `{}` | Resource limits and requests for the notifications controller | | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | @@ -1128,7 +1138,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | -| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints | +| notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | ---------------------------------------------- diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f450e0e7c..945bab728 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,7 +104,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. -### 5.21.0 +### 5.24.0 + +This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +Default `global.affinity` rules can be disabled when `none` value is used for the preset. + +### 5.22.0 This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index 2ba53d8cc..dd43d0d5f 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -78,16 +78,18 @@ Node affinity {{- toYaml . -}} {{- else -}} {{- $preset := .context.Values.global.affinity -}} +{{- if (eq $preset.podAntiAffinity "soft") }} podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - {{- if (eq $preset.podAntiAffinity "soft") }} - weight: 100 podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} topologyKey: kubernetes.io/hostname - {{- else }} +{{- else if (eq $preset.podAntiAffinity "hard") }} +podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: @@ -99,21 +101,22 @@ podAntiAffinity: matchLabels: app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }} topologyKey: kubernetes.io/hostname - {{- end }} +{{- end }} {{- with $preset.nodeAffinity.matchExpressions }} +{{- if (eq $preset.nodeAffinity.type "soft") }} nodeAffinity: - {{- if (eq $preset.nodeAffinity.type "soft") }} preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: {{- toYaml . | nindent 6 }} - {{- else }} +{{- else if (eq $preset.nodeAffinity.type "hard") }} +nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: {{- toYaml . | nindent 6 }} - {{- end }} +{{- end }} {{- end -}} {{- end -}} {{- end -}} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index f8460906b..ad8cbc1b7 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - command: @@ -269,17 +272,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }} - {{- with .Values.controller.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.tolerations }} + {{- with .Values.controller.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.controller.topologySpreadConstraints }} + {{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -307,9 +312,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.controller.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.controller.hostNetwork }} {{- with .Values.controller.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6011cd0ba..bbf8d160d 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -43,6 +43,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} @@ -198,8 +201,10 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }} + {{- trim . | nindent 8 }} + {{- end }} {{- with .Values.applicationSet.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -208,8 +213,16 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.applicationSet.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.applicationSet.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.applicationSet.extraVolumes }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index e3e7968b7..45ba1de0b 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} @@ -92,18 +95,28 @@ spec: initContainers: {{- tpl (toYaml . ) $ | nindent 8 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }} - {{- with .Values.notifications.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.notifications.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.tolerations }} + {{- with .Values.notifications.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.notifications.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.notifications.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.notifications.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.notifications.extraVolumes }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 28bd3b6dc..3e22a00d4 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -48,6 +48,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} @@ -295,17 +298,19 @@ spec: {{- with .Values.repoServer.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }} - {{- with .Values.repoServer.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.tolerations }} + {{- with .Values.repoServer.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.repoServer.topologySpreadConstraints }} + {{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -350,9 +355,6 @@ spec: path: tls.key - key: ca.crt path: ca.crt - {{- with .Values.repoServer.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.repoServer.hostNetwork }} {{- with .Values.repoServer.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ea3d3a6ed..bb2f750b4 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -45,6 +45,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} @@ -353,17 +356,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }} - {{- with .Values.server.nodeSelector }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.tolerations }} + {{- with .Values.server.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.server.topologySpreadConstraints }} + {{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -416,9 +421,6 @@ spec: path: tls.crt - key: ca.crt path: ca.crt - {{- with .Values.server.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} hostNetwork: {{ .Values.server.hostNetwork }} {{- with .Values.server.dnsConfig }} dnsConfig: diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index d2189cc37..fd5e00d9d 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -47,7 +47,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }} + {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }} @@ -143,17 +146,19 @@ spec: {{- with .Values.dex.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.dex.nodeSelector }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.dex.tolerations }} + {{- with .Values.dex.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }} - {{- with .Values.dex.topologySpreadConstraints }} + {{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -183,9 +188,6 @@ spec: {{- with .Values.dex.volumes }} {{- toYaml . | nindent 6 }} {{- end }} - {{- with .Values.dex.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- with .Values.dex.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index e23fe46ca..389cf678a 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -44,6 +44,9 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} @@ -102,17 +105,19 @@ spec: initContainers: {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.redis.nodeSelector }} + {{- with .Values.redis.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.tolerations }} + {{- with .Values.redis.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redis) }} affinity: - {{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }} - {{- with .Values.redis.topologySpreadConstraints }} + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.redis.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} topologySpreadConstraints: {{- range $constraint := . }} - {{ toYaml $constraint | nindent 8 | trim }} @@ -123,9 +128,6 @@ spec: {{- end }} {{- end }} {{- end }} - {{- with .Values.redis.priorityClassName }} - priorityClassName: {{ . }} - {{- end }} {{- with .Values.redis.volumes }} volumes: {{- toYaml . | nindent 8}} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d7c5c8536..3cc933a62 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -99,13 +99,22 @@ global: # -- Default deny all ingress traffic defaultDenyIngress: false + # -- Default priority class for all components + priorityClassName: "" + + # -- Default node selector for all components + nodeSelector: {} + + # -- Default tolerations for all components + tolerations: {} + # Default affinity preset for all components affinity: - # -- Default pod anti-affinity rules. Either: `soft` or `hard` + # -- Default pod anti-affinity rules. Either: `none`, `soft` or `hard` podAntiAffinity: soft # Node affinity rules nodeAffinity: - # -- Default node affinity rules. Either: `soft` or `hard` + # -- Default node affinity rules. Either: `none`, `soft` or `hard` type: hard # -- Default match expressions for node affinity matchExpressions: [] @@ -115,6 +124,15 @@ global: # - antarctica-east1 # - antarctica-west1 + # -- Default [TopologySpreadConstraints] rules for all components + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector of the component + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + ## Argo Configs configs: # General Argo CD configuration @@ -637,10 +655,16 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- Priority class for the application controller pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules to the deployment @@ -648,15 +672,13 @@ controller: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the application controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for the application controller pods - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule serviceAccount: # -- Create a service account for the application controller @@ -978,24 +1000,30 @@ dex: # -- Service port for metrics access servicePortMetrics: 5558 + # -- Priority class for the dex pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to dex + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for dex - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule ## Redis redis: @@ -1148,10 +1176,16 @@ redis: # -- Redis service port servicePort: 6379 + # -- Priority class for redis pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules to the deployment @@ -1159,15 +1193,13 @@ redis: affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to redis + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for redis - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule serviceAccount: # -- Create a service account for the redis pod @@ -1538,24 +1570,30 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- Priority class for the Argo CD server pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule - - # -- Priority class for the Argo CD server - priorityClassName: "" + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server @@ -2031,22 +2069,28 @@ repoServer: timeoutSeconds: 1 # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] + # -- Assign custom [affinity] rules to the deployment # @default -- `{}` (defaults to global.affinity preset) affinity: {} # -- Assign custom [TopologySpreadConstraints] rules to the repo server + # @default -- `[]` (defaults to global.topologySpreadConstraints) ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment topologySpreadConstraints: [] - # - maxSkew: 1 - # topologyKey: topology.kubernetes.io/zone - # whenUnsatisfiable: DoNotSchedule + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule - # -- Priority class for the repo server + # -- Priority class for the repo server pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" # TLS certificate configuration via Secret @@ -2365,16 +2409,28 @@ applicationSet: failureThreshold: 3 # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules # @default -- `{}` (defaults to global.affinity preset) affinity: {} - # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. + # -- Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + # -- Priority class for the ApplicationSet controller pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" ## Webhook for the Git Generator @@ -2611,16 +2667,28 @@ notifications: - ALL # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules # @default -- `{}` (defaults to global.affinity preset) affinity: {} + # -- Assign custom [TopologySpreadConstraints] rules to the application controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # -- Priority class for the notifications controller pods + # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" serviceAccount: From 037d3a9e769749ac49d3d6e7dac5417fd673ac7f Mon Sep 17 00:00:00 2001 From: Sergi Alonso <45431066+sergialonsaco@users.noreply.github.com> Date: Thu, 2 Mar 2023 15:56:41 +0100 Subject: [PATCH 090/356] fix(argocd-apps): Add revisionHistoryLimit option to apps (#1874) --- charts/argocd-apps/Chart.yaml | 2 +- charts/argocd-apps/ci/applications-values.yaml | 1 + charts/argocd-apps/templates/applications.yaml | 3 +++ charts/argocd-apps/values.yaml | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 1a2c09148..2f7a6d5cc 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.8 +version: 0.0.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 4d708a16f..9d8b21bfb 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,7 @@ applications: automated: prune: false selfHeal: false + revisionHistoryLimit: null ignoreDifferences: - group: apps kind: Deployment diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index fee643d81..df0ea5eb8 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,6 +37,9 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .revisionHistoryLimit }} + revisionHistoryLimit: {{ . }} + {{- end }} {{- with .ignoreDifferences }} ignoreDifferences: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 62a2509c4..eb0767b95 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,7 @@ applications: [] # automated: # prune: false # selfHeal: false +# revisionHistoryLimit: null # ignoreDifferences: # - group: apps # kind: Deployment From 9663ca2fbdc060166fba7ce19898431c3e5e2b85 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 3 Mar 2023 00:02:33 +0900 Subject: [PATCH 091/356] chore(argo-rollouts): Upgrade Argo Rollouts to v.1.4.1 (#1877) * chore(argo-rollouts): Upgrade Argo Rollouts to v.1.4.1 Signed-off-by: yu-croco * chore(argo-rollouts): Add update information Signed-off-by: yu-croco --------- Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 10 ++++++---- charts/argo-rollouts/README.md | 5 +++++ charts/argo-rollouts/README.md.gotmpl | 5 +++++ 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2beb83ffa..a5e8e9c59 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.4.0 +appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.2 +version: 2.22.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,7 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Align changelog structure to show changelogs on Artifact Hub + - kind: changed + description: Upgrade Argo Rollouts to v.1.4.1 + - kind: added + description: Put Changelog URL on README.md diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 73581f4ee..ee3821bf0 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r |:---------------------------------------------------------------------------| | The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +## Changelog + +For full list of changes please check ArtifactHub [changelog]. + ## Chart Values ### General parameters @@ -188,3 +192,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog diff --git a/charts/argo-rollouts/README.md.gotmpl b/charts/argo-rollouts/README.md.gotmpl index 1a587350f..735dae2c5 100644 --- a/charts/argo-rollouts/README.md.gotmpl +++ b/charts/argo-rollouts/README.md.gotmpl @@ -33,6 +33,10 @@ If dashboard is installed by `--set dashboard.enabled=true`, checkout the argo-r |:---------------------------------------------------------------------------| | The chart provides an option to change the service type (`dashboard.service.type`). Also it provides the ability to expose the dashboard via Ingress. Dashboard was never intended to be exposed as an administrative console -- it started out as a local view available via CLI. It should be protected by something (e.g. network access or even better an oauth proxy). | +## Changelog + +For full list of changes please check ArtifactHub [changelog]. + ## Chart Values ### General parameters @@ -100,3 +104,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ [Pod Disruption Budget]: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets [values.yaml]: values.yaml +[changelog]: https://artifacthub.io/packages/helm/argo/argo-rollouts?modal=changelog From 77d9214543eda5c963ab80c2da99b295c6489bba Mon Sep 17 00:00:00 2001 From: Ian Martin Date: Fri, 3 Mar 2023 10:53:18 -0700 Subject: [PATCH 092/356] fix(argo-cd): ApplicationSet deployment uses global tolerations (#1881) * ApplicationSet deployment uses global tolerations Fixes #1880 Signed-off-by: Ian Martin * Bump chart version, add artifacthub annotations Signed-off-by: Ian Martin * correct change entry Signed-off-by: Ian Martin --------- Signed-off-by: Ian Martin --- charts/argo-cd/Chart.yaml | 16 +++------------- .../argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2760c828b..8e1e29f65 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.0 +version: 5.24.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,15 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Global nodeSelector configuration - - kind: added - description: Global tolerations configuration - - kind: added - description: Global topologySpreadConstraints configuration - - kind: added - description: Missing component level topologySpreadConstraints configuration - - kind: added - description: Missing component level priorityClassName configuration - - kind: changed - description: Global affinity preset can be disabled + - kind: fixed + description: ApplicationSet utilizes global tolerations diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index bbf8d160d..c737fb5ea 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -209,7 +209,7 @@ spec: nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.tolerations }} + {{- with .Values.applicationSet.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} From a7a4294a99f20bedc9e90baadfb19a058298703a Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 6 Mar 2023 13:00:30 -0600 Subject: [PATCH 093/356] chore(github): Add slack button to README (#1887) * chore(github): Add slack button to README Signed-off-by: jmeridth * Update README.md Co-authored-by: Marco Kilchhofer Signed-off-by: Jason Meridth --------- Signed-off-by: jmeridth Signed-off-by: Jason Meridth Co-authored-by: Marco Kilchhofer --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 210b9a83a..ac71eb3ef 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ # Argo Helm Charts +[![Slack](https://img.shields.io/badge/slack-%23argo--helm--charts-brightgreen.svg?logo=slack)](https://argoproj.github.io/community/join-slack) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) From 16fe47b908909141d46046d6cc98b1141f9dfd7a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 8 Mar 2023 16:12:58 +0900 Subject: [PATCH 094/356] chore(argo-cd): Upgrade Argo CD v2.6.4 (#1891) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e1e29f65..cc699d336 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.3 +appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.1 +version: 5.24.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: ApplicationSet utilizes global tolerations + - kind: changed + description: Upgrade Argo CD v2.6.4 From 832a1e5c109fe6e4b0134a3bd7371671dbf0ddca Mon Sep 17 00:00:00 2001 From: TheRealNoob Date: Wed, 8 Mar 2023 01:46:33 -0600 Subject: [PATCH 095/356] fix(argo-cd): Clarify syntax in values.yaml (#1864) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++++ charts/argo-cd/values.yaml | 16 +++++++++++----- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cc699d336..bf4ed7375 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.2 +version: 5.24.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD v2.6.4 + - kind: fixed + description: Clarify syntax in values.yaml diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 21a945fa8..63806eb26 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -497,7 +497,11 @@ NAME: my-release | controller.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | | controller.metrics.applicationLabels.labels | list | `[]` | Additional labels | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.rules.additionalLabels | object | `{}` | PrometheusRule labels | +| controller.metrics.rules.annotations | object | `{}` | PrometheusRule annotations | | controller.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the application controller | +| controller.metrics.rules.namespace | string | `""` | PrometheusRule namespace | +| controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | | controller.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3cc933a62..f0da2fcb8 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -736,6 +736,17 @@ controller: rules: # -- Deploy a PrometheusRule for the application controller enabled: false + # -- PrometheusRule namespace + namespace: "" # "monitoring" + # -- PrometheusRule selector + selector: {} + # prometheus: kube-prometheus + + # -- PrometheusRule labels + additionalLabels: {} + # -- PrometheusRule annotations + annotations: {} + # -- PrometheusRule.Spec for the application controller spec: [] # - alert: ArgoAppMissing @@ -762,11 +773,6 @@ controller: # The application [{{`{{$labels.name}}`}} has not been synchronized for over # 12 hours which means that the state of this cloud has drifted away from the # state inside Git. - # selector: - # prometheus: kube-prometheus - # namespace: monitoring - # additionalLabels: {} - # annotations: {} ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. ## Defaults to off From 71f61651aedc798598fd1501f00869e8fa20ab49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Kukr=C3=A1l?= Date: Thu, 9 Mar 2023 11:48:22 +0100 Subject: [PATCH 096/356] fix(argo-cd): skip empty configmap params (#1892) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf4ed7375..17ea8a45f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.3 +version: 5.24.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Clarify syntax in values.yaml + description: Updated argocd-cm to skip empty values diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 377a07e12..2338d1c03 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -174,7 +174,10 @@ Merge Argo Configuration with Preset Configuration {{- $config := (mergeOverwrite (deepCopy (omit .Values.configs.cm "create" "annotations")) (.Values.server.config | default dict)) -}} {{- $preset := include "argo-cd.config.cm.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} -{{ $key }}: {{ toString $value | toYaml }} +{{- $fmted := $value | toString }} +{{- if not (eq $fmted "") }} +{{ $key }}: {{ $fmted | toYaml }} +{{- end }} {{- end }} {{- end -}} From 9781abdfd8e5b612dcec58f664aea45a4e26c382 Mon Sep 17 00:00:00 2001 From: Christian Groschupp Date: Thu, 9 Mar 2023 13:05:01 +0100 Subject: [PATCH 097/356] feat(argo-cd): add parameter env to redis exporter (#1876) Signed-off-by: Christian Groschupp --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17ea8a45f..663a10815 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.24.4 +version: 5.25.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Updated argocd-cm to skip empty values + - kind: added + description: Add parameter env to redis exporter diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 63806eb26..b5e4adba0 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -901,6 +901,7 @@ server: | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | | redis.exporter.containerSecurityContext | object | See [values.yaml] | Redis exporter security context | | redis.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | +| redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 389cf678a..3376d7323 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -89,6 +89,9 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} + {{- with .Values.redis.exporter.env }} + {{- toYaml . | nindent 8 }} + {{- end }} ports: - name: metrics containerPort: {{ .Values.redis.containerPorts.metrics }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f0da2fcb8..a5b5a9899 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1068,6 +1068,8 @@ redis: exporter: # -- Enable Prometheus redis-exporter sidecar enabled: false + # -- Environment variables to pass to the Redis exporter + env: [] ## Prometheus redis-exporter image image: # -- Repository to use for the redis-exporter From 0845b604805ba32db3994e0759d46108dc18428b Mon Sep 17 00:00:00 2001 From: Saad Ali Date: Sun, 12 Mar 2023 19:00:24 +0500 Subject: [PATCH 098/356] feat(argo-cd): Added Config Management Plugins cm (#1865) * feat(argo-cd): Added Config Management Plugins cm using sidecar approach Signed-off-by: Saad Ali * fix(argo-cd): Set ConfigMap creation for CMP using sidecar approach to false by default Signed-off-by: Saad Ali --------- Signed-off-by: Saad Ali Signed-off-by: Petr Drastil Co-authored-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 3 + .../argocd-configs/argocd-cmp-cm.yaml | 24 ++++ charts/argo-cd/values.yaml | 108 ++++++++++++++---- 4 files changed, 115 insertions(+), 26 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 663a10815..ea4a432a4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.4 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.25.0 +version: 5.26.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add parameter env to redis exporter + - kind: Added + description: ConfigMap for Config Management Plugins using sidecar approach diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b5e4adba0..9606ee6c3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -427,6 +427,9 @@ NAME: my-release | configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap | | configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] | | configs.cm.url | string | `""` | Argo CD's externally facing base URL (optional). Required when configuring SSO | +| configs.cmp.annotations | object | `{}` | Annotations to be added to argocd-cmp-cm configmap | +| configs.cmp.create | bool | `false` | Create the argocd-cmp-cm configmap | +| configs.cmp.plugins | object | `{}` | Plugin yaml files to be added to argocd-cmp-cm | | configs.credentialTemplates | object | `{}` | Repository credentials to be used as Templates for other repos | | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml new file mode 100644 index 000000000..39a6db6b6 --- /dev/null +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -0,0 +1,24 @@ +{{- if .Values.configs.cmp.create }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: argocd-cmp-cm + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} + {{- with .Values.configs.cmp.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +data: + {{- range $cmp_plugin, $cmp_plugin_config := .Values.configs.cmp.plugins }} + {{ $cmp_plugin }}.yaml: | + apiVersion: argoproj.io/v1alpha1 + kind: ConfigManagementPlugin + metadata: + name: {{ $cmp_plugin }} + spec: + {{- toYaml $cmp_plugin_config | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a5b5a9899..c1a693a4e 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -331,6 +331,49 @@ configs: # ... # -----END CERTIFICATE----- + # ConfigMap for Config Management Plugins + # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/ + cmp: + # -- Create the argocd-cmp-cm configmap + create: false + + # -- Annotations to be added to argocd-cmp-cm configmap + annotations: {} + + # -- Plugin yaml files to be added to argocd-cmp-cm + plugins: {} + # --- First plugin + # my-plugin: + # init: + # command: [sh] + # args: [-c, 'echo "Initializing..."'] + # generate: + # command: [sh, -c] + # args: + # - | + # echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}" + # discover: + # fileName: "./subdir/s*.yaml" + # find: + # glob: "**/Chart.yaml" + # command: [sh, -c, find . -name env.yaml] + + # --- Second plugin + # my-plugin2: + # init: + # command: [sh] + # args: [-c, 'echo "Initializing..."'] + # generate: + # command: [sh, -c] + # args: + # - | + # echo "{\"kind\": \"ConfigMap\", \"apiVersion\": \"v1\", \"metadata\": { \"name\": \"$ARGOCD_APP_NAME\", \"namespace\": \"$ARGOCD_APP_NAMESPACE\", \"annotations\": {\"Foo\": \"$ARGOCD_ENV_FOO\", \"KubeVersion\": \"$KUBE_VERSION\", \"KubeApiVersion\": \"$KUBE_API_VERSIONS\",\"Bar\": \"baz\"}}}" + # discover: + # fileName: "./subdir/s*.yaml" + # find: + # glob: "**/Chart.yaml" + # command: [sh, -c, find . -name env.yaml] + # -- Provide one or multiple [external cluster credentials] # @default -- `[]` (See [values.yaml]) ## Ref: @@ -1969,27 +2012,46 @@ repoServer: ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates extraContainers: [] - # - name: cmp - # # Entrypoint should be Argo CD lightweight CMP server i.e. argocd-cmp-server - # command: [/var/run/argocd/argocd-cmp-server] - # # This can be off-the-shelf or custom-built image - # image: busybox - # securityContext: - # runAsNonRoot: true - # runAsUser: 999 - # volumeMounts: - # - mountPath: /var/run/argocd - # name: var-files - # - mountPath: /home/argocd/cmp-server/plugins - # name: plugins - # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. - # - mountPath: /home/argocd/cmp-server/config/plugin.yaml - # subPath: plugin.yaml - # name: cmp-plugin - # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps - # # mitigate path traversal attacks. - # - mountPath: /tmp - # name: cmp-tmp + # - name: cmp-my-plugin + # command: + # - "/var/run/argocd/argocd-cmp-server" + # image: busybox + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: my-plugin.yaml + # name: argocd-cmp-cm + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp + # - name: cmp-my-plugin2 + # command: + # - "/var/run/argocd/argocd-cmp-server" + # image: busybox + # securityContext: + # runAsNonRoot: true + # runAsUser: 999 + # volumeMounts: + # - mountPath: /var/run/argocd + # name: var-files + # # Remove this volumeMount if you've chosen to bake the config file into the sidecar image. + # - mountPath: /home/argocd/cmp-server/plugins + # name: plugins + # - mountPath: /home/argocd/cmp-server/config/plugin.yaml + # subPath: my-plugin2.yaml + # name: argocd-cmp-cm + # # Starting with v2.4, do NOT mount the same tmp volume as the repo-server container. The filesystem separation helps + # # mitigate path traversal attacks. + # - mountPath: /tmp + # name: cmp-tmp # -- Init containers to add to the repo server pods initContainers: [] @@ -1999,9 +2061,9 @@ repoServer: # -- Additional volumes to the repo server pod volumes: [] - # - name: cmp-plugin + # - name: argocd-cmp-cm # configMap: - # name: cmp-plugin + # name: argocd-cmp-cm # - name: cmp-tmp # emptyDir: {} From b629a3a0960e466a46bbdabaff4325f5f40bd082 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 15 Mar 2023 03:36:13 +0900 Subject: [PATCH 099/356] chore(argo-cd): Upgrade Argo CD v2.6.5 (#1900) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ea4a432a4..ccf6f5cdc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.4 +appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.0 +version: 5.26.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: Added - description: ConfigMap for Config Management Plugins using sidecar approach + - kind: changed + description: Upgrade Argo CD v2.6.5 From fca26f9e95486edc29e18f2b9263f56dbdb88ad0 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 15 Mar 2023 12:31:24 +0100 Subject: [PATCH 100/356] ci(github): Fix CI testing (#1904) Signed-off-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 0158f3fa3..5899b5596 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,8 +38,8 @@ jobs: changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed) charts=$(echo "$changed" | tr '\n' ' ' | xargs) if [[ -n "$changed" ]]; then - echo "changed=true" >> $GITHUB_STATE - echo "changed_charts=$charts" >> $GITHUB_STATE + echo "changed=true" >> $GITHUB_OUTPUT + echo "changed_charts=$charts" >> $GITHUB_OUTPUT fi - name: Run chart-testing (lint) From 21f4ac8d53a94ada50c91951a4fff2c9a1761bb2 Mon Sep 17 00:00:00 2001 From: Julien Aubert Date: Wed, 15 Mar 2023 14:55:32 +0100 Subject: [PATCH 101/356] fix(argo-cd): Use nodeSelector global property as default on ApplicationSet (#1907) fix(argo-cd): Use nodeSelector global property as default value on ApplicationSet Deployment according to the documentation. Signed-off-by: Julien Aubert Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 4 ++-- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccf6f5cdc..ccb4f7c4f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.1 +version: 5.26.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD v2.6.5 + description: Use global.nodeSelector value as default value for nodeSelector on ApplicationSet diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index c737fb5ea..6d8e54609 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -205,7 +205,7 @@ spec: affinity: {{- trim . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.nodeSelector }} + {{- with .Values.applicationSet.nodeSelector | default .Values.global.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} From 96182b4d088b7f759f894abe9e9a2e6cdfd9f6ff Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 16 Mar 2023 02:34:22 +0900 Subject: [PATCH 102/356] chore(argo-events): Add install guide on README (#1909) Signed-off-by: yu-croco --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/README.md | 13 +++++++++++++ charts/argo-events/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 9318cb850..f577f2576 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.3 +version: 2.1.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Events to v1.7.6 + - kind: added + description: Add install guide on README diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index 48597a864..f06f9d3ac 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -17,6 +17,19 @@ To regenerate this document, please run: ./scripts/helm-docs.sh ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-events +NAME: my-release +... +``` + ## Upgrading ### Custom resource definitions diff --git a/charts/argo-events/README.md.gotmpl b/charts/argo-events/README.md.gotmpl index 7ee5cefee..c25a3e977 100644 --- a/charts/argo-events/README.md.gotmpl +++ b/charts/argo-events/README.md.gotmpl @@ -17,6 +17,19 @@ To regenerate this document, please run: ./scripts/helm-docs.sh ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-events +NAME: my-release +... +``` + ## Upgrading ### Custom resource definitions From b34b555b7af250d82717431c561d869c819ad29e Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 15 Mar 2023 20:27:34 +0100 Subject: [PATCH 103/356] fix(argo-cd): Use default metrics port for APIServer (#1911) fix(argo-cd): Use default metrics port for argocd-server Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ccb4f7c4f..b0d0065da 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.2 +version: 5.26.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Use global.nodeSelector value as default value for nodeSelector on ApplicationSet + - kind: fixed + description: Use default metrics port for argocd-server diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9606ee6c3..a71687ed1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -670,7 +670,7 @@ NAME: my-release | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | | server.certificateSecret.key | string | `""` | Private Key of the certificate | | server.certificateSecret.labels | object | `{}` | Labels to be added to argocd-server-tls secret | -| server.containerPorts.metrics | int | `8082` | Metrics container port | +| server.containerPorts.metrics | int | `8083` | Metrics container port | | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c1a693a4e..31eda2f6f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1573,7 +1573,7 @@ server: # -- Server container port server: 8080 # -- Metrics container port - metrics: 8082 + metrics: 8083 # -- Host Network for Server pods hostNetwork: false From fa17c46a7398a9ec85b30b4e280b935561e2a3df Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 16 Mar 2023 01:08:55 +0100 Subject: [PATCH 104/356] feat(argo-cd): Add ability to add project scoped cluster(s) (#1913) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-configs/cluster-secrets.yaml | 3 +++ charts/argo-cd/values.yaml | 11 +++++++++++ 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b0d0065da..2f77e8181 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.5 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.26.3 +version: 5.27.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Use default metrics port for argocd-server + - kind: added + description: Ability to add project scoped cluster(s) diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index aba14db7e..c1aaa531a 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -26,6 +26,9 @@ stringData: clusterResources: {{ .clusterResources | quote }} {{- end }} {{- end }} + {{- if .project }} + project: {{ .project | quote }} + {{- end }} config: | {{- required "A valid .Values.configs.clusterCredentials[].config entry is required!" .config | toRawJson | nindent 4 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 31eda2f6f..cad9a1b65 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -379,6 +379,7 @@ configs: ## Ref: ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#clusters ## - https://argo-cd.readthedocs.io/en/stable/operator-manual/security/#external-cluster-credentials + ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters clusterCredentials: [] # - name: mycluster # server: https://mycluster.com @@ -400,6 +401,16 @@ configs: # tlsClientConfig: # insecure: false # caData: "" + # - name: mycluster3-project-scoped + # server: https://mycluster3.com + # labels: {} + # annotations: {} + # project: my-project1 + # config: + # bearerToken: "" + # tlsClientConfig: + # insecure: false + # caData: "" # DEPRECATED - Moved to configs.ssh.annotations # knownHostsAnnotations: {} From 69c3e6086ba86a4b31f5306cb1b75c334279dfeb Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 16 Mar 2023 20:04:52 +0900 Subject: [PATCH 105/356] chore(argo-workflows): Add install guide on README (#1908) Signed-off-by: yu-croco Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 10 ++-------- charts/argo-workflows/README.md | 13 +++++++++++++ charts/argo-workflows/README.md.gotmpl | 13 +++++++++++++ 3 files changed, 28 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b5f882111..a69edb0d5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.13 +version: 0.22.14 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,10 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Added workflow startup option --log-format (defaults to 'text'). - - kind: added - description: Added server startup option --log-format (defaults to 'text'). - - kind: added - description: Added server startup option --loglevel (defaults to 'info'). - - kind: added - description: Added server startup option --gloglevel (defaults to '0'). + description: Add install guide on README. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d6fa862c0..a9f05ab4b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -28,6 +28,19 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-workflows +NAME: my-release +... +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 0a441821f..95c626e26 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -28,6 +28,19 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add argo https://argoproj.github.io/argo-helm +"argo" has been added to your repositories + +$ helm install my-release argo/argo-workflows +NAME: my-release +... +``` + ## Changelog For full list of changes, please check ArtifactHub [changelog]. From 2563d1e6f94e7102fb403bfa1ca6ece9ca39e3c3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 17 Mar 2023 17:24:44 +0900 Subject: [PATCH 106/356] chore(argo-cd): Upgrade Argo CD to v2.6.6 (#1915) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2f77e8181..051155f23 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.5 +appVersion: v2.6.6 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.0 +version: 5.27.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Ability to add project scoped cluster(s) + - kind: changed + description: Upgrade Argo CD to v2.6.6 From 7e0d69737a9c1d6b3025dd83c439b27990dbc274 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Wed, 22 Mar 2023 08:22:39 +0200 Subject: [PATCH 107/356] merge 5.27.1 --- charts/argo-cd/values.yaml | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 4de9ae366..9fd288e3f 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1564,9 +1564,6 @@ server: # -- Annotations to be added to server Deployment deploymentAnnotations: {} - # -- Annotations to be added to server Deployment - deploymentAnnotations: {} - # -- Annotations to be added to server pods podAnnotations: {} @@ -2177,23 +2174,6 @@ repoServer: # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" - # TLS certificate configuration via Secret - ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server - ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. - certificateSecret: - # -- Create argocd-repo-server-tls secret - enabled: false - # -- Annotations to be added to argocd-repo-server-tls secret - annotations: {} - # -- Labels to be added to argocd-repo-server-tls secret - labels: {} - # -- Certificate authority. Required for self-signed certificates. - ca: '' - # -- Certificate private key - key: '' - # -- Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) - crt: '' - # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#configuring-tls-to-argocd-repo-server ## Note: Issuing certificates via cert-manager in not supported right now because it's not possible to restart repo server automatically without extra controllers. From 27e4ddb9a8522a229d06d8235796320046c8bffa Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Wed, 22 Mar 2023 08:25:55 +0200 Subject: [PATCH 108/356] merge 5.27.1 --- charts/argo-cd/README.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 8f67cf742..f98df7d14 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -560,16 +560,10 @@ NAME: my-release | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | | repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret | -| repoServer.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-repo-server-tls secret | -| repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | repoServer.certificateSecret.ca | string | `""` | Certificate authority. Required for self-signed certificates. | | repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) | -| repoServer.certificateSecret.crt | string | `""` | Certificate data. Must contain SANs of Repo service (ie: argocd-repo-server, argocd-repo-server.argo-cd.svc) | -| repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | | repoServer.certificateSecret.enabled | bool | `false` | Create argocd-repo-server-tls secret | | repoServer.certificateSecret.key | string | `""` | Certificate private key | -| repoServer.certificateSecret.key | string | `""` | Certificate private key | -| repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.certificateSecret.labels | object | `{}` | Labels to be added to argocd-repo-server-tls secret | | repoServer.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the Repo server's Cluster Role resource | | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | @@ -680,7 +674,6 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | -| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | From 2d193be5c0694dbe5e1568217a86bbe972bb091d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emil=20Smole=C5=84ski?= <20775179+moleskin-smile@users.noreply.github.com> Date: Thu, 23 Mar 2023 08:09:03 +0100 Subject: [PATCH 109/356] feat(argo-workflows): Add ability to use memoization (#1924) --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index a69edb0d5..b89837396 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.5 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.14 +version: 0.22.15 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add install guide on README. + description: Ability to use memoization feature. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index a9f05ab4b..0c4dd649b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -147,6 +147,7 @@ Fields to note: | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | +| controller.rbac.writeConfigMaps | bool | `false` | Allows controller to create and update ConfigMaps. Enables memoization feature | | controller.replicas | int | `1` | The number of controller pods to run | | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index bb08306b8..6b1a724e8 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -36,6 +36,10 @@ rules: - get - watch - list + {{- if .Values.controller.rbac.writeConfigMaps }} + - create + - update + {{- end}} - apiGroups: - "" resources: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 904d766b5..3537ac894 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -74,6 +74,8 @@ controller: create: true # -- Allows controller to get, list, and watch certain k8s secrets secretWhitelist: [] + # -- Allows controller to create and update ConfigMaps. Enables memoization feature + writeConfigMaps: false # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: From ccef4448748601bb253a89fa86ed036b0e620cc1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 24 Mar 2023 01:08:45 +0100 Subject: [PATCH 110/356] chore(argo-cd): Upgrade to appVersion v2.6.7 (#1926) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 051155f23..273a65f70 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.6 +appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.1 +version: 5.27.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.6.6 + description: Upgrade Argo CD to v2.6.7 From ceb6011cb666d64c9e36e7daf058102c5f64b6ba Mon Sep 17 00:00:00 2001 From: Miles Armstrong Date: Fri, 24 Mar 2023 09:57:01 +0000 Subject: [PATCH 111/356] chore(argo-cd): Update to use Github's new RSA SSH public key (#1927) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 273a65f70..853553644 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.2 +version: 5.27.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.6.7 + description: Update Github RSA SSH public key diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cad9a1b65..8a558c6c0 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -307,7 +307,7 @@ configs: bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 From b8c86dd91461fb39342074da1e8417f813b74994 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Mar 2023 15:27:19 +0100 Subject: [PATCH 112/356] chore(github): bump actions/stale from 7 to 8 (#1931) chore(deps): bump actions/stale from 7 to 8 Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3a8e77d1f..9b4053bb7 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v7 + - uses: actions/stale@v8 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From d959c79775204facd6d413e7af53999b0fd3f776 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 25 Mar 2023 15:28:31 +0100 Subject: [PATCH 113/356] chore(github): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#1930) chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 Bumps [helm/chart-testing-action](https://github.com/helm/chart-testing-action) from 2.3.1 to 2.4.0. - [Release notes](https://github.com/helm/chart-testing-action/releases) - [Commits](https://github.com/helm/chart-testing-action/compare/v2.3.1...v2.4.0) --- updated-dependencies: - dependency-name: helm/chart-testing-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Petr Drastil --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 5899b5596..97684b86d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -26,7 +26,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.3.1 + uses: helm/chart-testing-action@v2.4.0 with: # Note: Also update in scripts/lint.sh version: v3.7.1 From d34a3765682b52c6d02726b144759b796e9e3b07 Mon Sep 17 00:00:00 2001 From: LucasBoisserie Date: Tue, 28 Mar 2023 15:48:09 +0200 Subject: [PATCH 114/356] fix(argo-cd): Disable hostNetwork field when is set to false (#1934) * fix(argo-cd): fix host network configuration Signed-off-by: LucasBoisserie * update changelog Signed-off-by: LucasBoisserie --------- Signed-off-by: LucasBoisserie --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 2 ++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 ++ charts/argo-cd/templates/argocd-server/deployment.yaml | 2 ++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 853553644..bf4000b52 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.3 +version: 5.27.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Github RSA SSH public key + - kind: fixed + description: Surround with if hostNetwork field to disable it when is set to false diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index ad8cbc1b7..0bef6ced9 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -312,7 +312,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- if .Values.controller.hostNetwork }} hostNetwork: {{ .Values.controller.hostNetwork }} + {{- end }} {{- with .Values.controller.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3e22a00d4..4d5fd8dc9 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -355,7 +355,9 @@ spec: path: tls.key - key: ca.crt path: ca.crt + {{- if .Values.repoServer.hostNetwork }} hostNetwork: {{ .Values.repoServer.hostNetwork }} + {{- end }} {{- with .Values.repoServer.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index bb2f750b4..ddd23a02c 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -421,7 +421,9 @@ spec: path: tls.crt - key: ca.crt path: ca.crt + {{- if .Values.server.hostNetwork }} hostNetwork: {{ .Values.server.hostNetwork }} + {{- end }} {{- with .Values.server.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} From af90fd665f82ab314d4fad77b4c6ecbd51ae54ac Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Wed, 29 Mar 2023 11:16:34 +0200 Subject: [PATCH 115/356] feat(argo-rollouts): support setting pod annotations separately on controller and dashboard (#1928) --- charts/argo-rollouts/Chart.yaml | 6 ++---- charts/argo-rollouts/README.md | 4 +++- charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++-- charts/argo-rollouts/templates/dashboard/deployment.yaml | 6 ++++-- charts/argo-rollouts/values.yaml | 6 +++++- 5 files changed, 18 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a5e8e9c59..64cc3539d 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.22.3 +version: 2.23.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,7 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v.1.4.1 - kind: added - description: Put Changelog URL on README.md + description: Added the ability to set pod annotations separately on controller and dashboard deployment diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index ee3821bf0..1e8a29f09 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -95,13 +95,14 @@ For full list of changes please check ArtifactHub [changelog]. | controller.pdb.labels | object | `{}` | Labels to be added to controller [Pod Disruption Budget] | | controller.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | controller.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | +| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods | | controller.priorityClassName | string | `""` | [priorityClassName] for the controller | | controller.readinessProbe | object | See [values.yaml] | Configure readiness [probe] for the controller | | controller.replicas | int | `2` | The number of controller pods to run | | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | -| podAnnotations | object | `{}` | Annotations to be added to the Rollout pods | +| podAnnotations | object | `{}` | Annotations for the all deployed pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | @@ -139,6 +140,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.pdb.labels | object | `{}` | Labels to be added to dashboard [Pod Disruption Budget] | | dashboard.pdb.maxUnavailable | string | `nil` | Maximum number / percentage of pods that may be made unavailable | | dashboard.pdb.minAvailable | string | `nil` | Minimum number / percentage of pods that should remain scheduled | +| dashboard.podAnnotations | object | `{}` | Annotations to be added to application dashboard pods | | dashboard.podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | | dashboard.priorityClassName | string | `""` | [priorityClassName] for the dashboard server | | dashboard.readonly | bool | `false` | Set cluster role to readonly | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index d6adf9cfa..ee118e5a8 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -15,9 +15,11 @@ spec: replicas: {{ .Values.controller.replicas }} template: metadata: - {{- with .Values.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.controller.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index ebf9ce8b2..0d2109347 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -16,9 +16,11 @@ spec: replicas: {{ .Values.dashboard.replicas }} template: metadata: - {{- with .Values.podAnnotations }} + {{- with (mergeOverwrite (deepCopy .Values.podAnnotations) .Values.dashboard.podAnnotations) }} annotations: - {{- toYaml . | nindent 8 }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} {{- end }} labels: {{- include "argo-rollouts.selectorLabels" . | nindent 8 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index eb077221d..d92e93041 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -41,6 +41,8 @@ extraObjects: [] controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller + # -- Annotations to be added to application controller pods + podAnnotations: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints @@ -164,7 +166,7 @@ serviceAccount: # -- Annotations to be added to all CRDs crdAnnotations: {} -# -- Annotations to be added to the Rollout pods +# -- Annotations for the all deployed pods podAnnotations: {} # -- Security Context to set on pod level @@ -217,6 +219,8 @@ dashboard: readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard + # -- Annotations to be added to application dashboard pods + podAnnotations: {} # -- [Node selector] nodeSelector: {} # -- [Tolerations] for use with node taints From 3c24d55fa4029f83543308a055577457b492e719 Mon Sep 17 00:00:00 2001 From: Gergely Czuczy Date: Thu, 30 Mar 2023 18:33:14 +0200 Subject: [PATCH 116/356] feat(argo-cd): Entrypoint can be configured now (#1898) * Entrypoint can be configured now Signed-off-by: Gergely Czuczy * Updated charts.lock after following master Signed-off-by: Gergely Czuczy * Bump version Signed-off-by: Gergely Czuczy --------- Signed-off-by: Gergely Czuczy Signed-off-by: Gergely Czuczy --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 2 ++ .../templates/argocd-applicationset/deployment.yaml | 5 ++++- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/values.yaml | 8 ++++++++ 6 files changed, 24 insertions(+), 9 deletions(-) mode change 100755 => 100644 charts/argo-cd/values.yaml diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index a2a5011e3..e21296c6c 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.4 -digest: sha256:5df60910862b364ebfb82cba2b2f0951c39ad36446647fb3f501bdeadc92fbd7 -generated: "2022-12-26T22:58:11.561184+09:00" + version: 4.22.5 +digest: sha256:d2e927511e515fb862f23dd413ee3a356c855d808f6f9ad1d345ee62b8c7ea16 +generated: "2023-03-30T08:25:32.738257836+02:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bf4000b52..059c9250b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.4 +version: 5.27.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,10 +18,10 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.4 + version: 4.22.5 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Surround with if hostNetwork field to disable it when is set to false + - kind: changed + description: entrypoint usage can be configured diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a71687ed1..2b7d4ea3c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,8 @@ NAME: my-release | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | +| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | +| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 6d8e54609..e4e865700 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -51,8 +51,11 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} + {{- if not .Values.global.entrypoint.useImplicit }} command: - - entrypoint.sh + - {{ .Values.global.entrypoint.entrypoint | quote }} + {{- end }} + args: - argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 4d5fd8dc9..01a792046 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -56,8 +56,10 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} + {{- if not .Values.global.entrypoint.useImplicit }} command: - - entrypoint.sh + - {{ .Values.global.entrypoint.entrypoint | quote }} + {{- end }} args: - argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml old mode 100755 new mode 100644 index 8a558c6c0..418153142 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -132,6 +132,14 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # POD entrypoint configuration + entrypoint: + # -- Implicitly use the docker image's entrypoint. This requires the image to have + # ENTRYPOINT set properly + useImplicit: false + # -- The entrypoint to use for the containers. + entrypoint: "entrypoint.sh" + ## Argo Configs configs: From 0697ab1e4b15a0f323469a65f858622a5692f0e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafa=C5=82=20Boniecki?= Date: Sat, 1 Apr 2023 20:40:02 +0000 Subject: [PATCH 117/356] fix(argo-events): wire up priorityClassName (#1940) --- charts/argo-events/Chart.yaml | 6 +++--- .../templates/argo-events-controller/deployment.yaml | 3 +++ .../templates/argo-events-webhook/deployment.yaml | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f577f2576..a702a6255 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.4 +version: 2.1.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Add install guide on README + - kind: fixed + description: priorityClassName was not being set on pods. diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index ab41c26b4..0ca65ee2f 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -27,6 +27,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.controller.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index 2f0478afd..e3839caf8 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -27,6 +27,9 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: + {{- with .Values.webhook.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} From 4ea0119321d9c58c75eaef889033f98994af40a6 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 3 Apr 2023 11:58:50 +0200 Subject: [PATCH 118/356] feat(argo-cd): Add support for custom Deployment strategy (#1918) Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 6 +++ charts/argo-cd/templates/_common.tpl | 17 +++++++++ .../argocd-applicationset/deployment.yaml | 4 ++ .../argocd-notifications/deployment.yaml | 4 +- .../argocd-repo-server/deployment.yaml | 4 ++ .../templates/argocd-server/deployment.yaml | 4 ++ charts/argo-cd/templates/dex/deployment.yaml | 4 ++ charts/argo-cd/values.yaml | 38 +++++++++++++++++++ 9 files changed, 83 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 059c9250b..09552820b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.5 +version: 5.28.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: entrypoint usage can be configured + - kind: added + description: Add support for custom Deployment strategy diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 2b7d4ea3c..faa370222 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,7 @@ NAME: my-release | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | +| global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | | global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | @@ -573,6 +574,7 @@ NAME: my-release | repoServer.containerPorts.server | int | `8081` | Repo server container port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | | repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | +| repoServer.deploymentStrategy | object | `{}` | Deployment strategy to be added to the repo server Deployment | | repoServer.dnsConfig | object | `{}` | [DNS configuration] | | repoServer.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Repo server pods | | repoServer.env | list | `[]` | Environment variables to pass to repo server | @@ -676,6 +678,7 @@ NAME: my-release | server.containerPorts.server | int | `8080` | Server container port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | | server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | +| server.deploymentStrategy | object | `{}` | Deployment strategy to be added to the server Deployment | | server.dnsConfig | object | `{}` | [DNS configuration] | | server.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Server pods | | server.env | list | `[]` | Environment variables to pass to Argo CD server | @@ -822,6 +825,7 @@ server: | dex.containerPorts.metrics | int | `5558` | Metrics container port | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | | dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | +| dex.deploymentStrategy | object | `{}` | Deployment strategy to be added to the Dex server Deployment | | dex.dnsConfig | object | `{}` | [DNS configuration] | | dex.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Dex server pods | | dex.enabled | bool | `true` | Enable dex | @@ -1012,6 +1016,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | | applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.deploymentStrategy | object | `{}` | Deployment strategy to be added to the ApplicationSet controller Deployment | | applicationSet.dnsConfig | object | `{}` | [DNS configuration] | | applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | @@ -1097,6 +1102,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | | notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | +| notifications.deploymentStrategy | object | `{"type":"Recreate"}` | Deployment strategy to be added to the notifications controller Deployment | | notifications.dnsConfig | object | `{}` | [DNS configuration] | | notifications.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for notifications controller Pods | | notifications.enabled | bool | `true` | Enable notifications controller | diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index dd43d0d5f..bf0c1e842 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -120,3 +120,20 @@ nodeAffinity: {{- end -}} {{- end -}} {{- end -}} + +{{/* +Common deployment strategy definition +- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite +*/}} +{{- define "argo-cd.strategy" -}} +{{- $preset := . -}} +{{- if (eq $preset.type "Recreate") }} +type: Recreate +{{- else if (eq $preset.type "RollingUpdate") }} +type: RollingUpdate +{{- with $preset.rollingUpdate }} +rollingUpdate: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index e4e865700..76d77b424 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -12,6 +12,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.applicationSet.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} replicas: {{ .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 45ba1de0b..fc51bb002 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -14,8 +14,10 @@ metadata: spec: replicas: 1 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.notifications.deploymentStrategy) }} strategy: - type: Recreate + {{- trim . | nindent 4 }} + {{- end }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 01a792046..906a544fb 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -11,6 +11,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.repoServer.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} {{- if not .Values.repoServer.autoscaling.enabled }} replicas: {{ .Values.repoServer.replicas }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index ddd23a02c..a5bea81be 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -11,6 +11,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.server.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} {{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index fd5e00d9d..af6523d50 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -12,6 +12,10 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: + {{- with include "argo-cd.strategy" (mergeOverwrite (deepCopy .Values.global.deploymentStrategy) .Values.dex.deploymentStrategy) }} + strategy: + {{- trim . | nindent 4 }} + {{- end }} replicas: 1 revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 418153142..640f1a48a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -140,6 +140,12 @@ global: # -- The entrypoint to use for the containers. entrypoint: "entrypoint.sh" + # -- Deployment strategy for the all deployed Deployments + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% ## Argo Configs configs: @@ -1093,6 +1099,13 @@ dex: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the Dex server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + ## Redis redis: # -- Enable redis @@ -1665,6 +1678,13 @@ server: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # TLS certificate configuration via cert-manager ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server certificate: @@ -2178,6 +2198,13 @@ repoServer: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the repo server Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # -- Priority class for the repo server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2518,6 +2545,13 @@ applicationSet: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the ApplicationSet controller Deployment + deploymentStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 25% + # maxUnavailable: 25% + # -- Priority class for the ApplicationSet controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2776,6 +2810,10 @@ notifications: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- Deployment strategy to be added to the notifications controller Deployment + deploymentStrategy: + type: Recreate + # -- Priority class for the notifications controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" From a012bd41c9d070d71633aa65d64c644146f719cf Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 4 Apr 2023 20:10:13 +0900 Subject: [PATCH 119/356] chore(argo-workflows): Upgrade Argo Workflows to v3.4.6 (#1942) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b89837396..6524a4726 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.5 +appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.15 +version: 0.22.16 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Ability to use memoization feature. + - kind: changed + description: Upgrade Argo Workflows to v3.4.6. From c3759febbd4b6fee5a09aa75f194a018b88869f2 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Thu, 6 Apr 2023 16:52:19 +0300 Subject: [PATCH 120/356] feat(argocd-image-updater): Add support for pod labels (#1944) Signed-off-by: drfaust92 --- charts/argocd-image-updater/Chart.yaml | 4 ++-- charts/argocd-image-updater/README.md | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 +++ charts/argocd-image-updater/values.yaml | 3 +++ 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index 5d599c41b..f64d558be 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.4 +version: 0.8.5 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: changed - description: Update Argo CD Image Updater to v0.12.2 + description: Added support for pod labels diff --git a/charts/argocd-image-updater/README.md b/charts/argocd-image-updater/README.md index 10259e19c..5d5c72537 100644 --- a/charts/argocd-image-updater/README.md +++ b/charts/argocd-image-updater/README.md @@ -106,6 +106,7 @@ The `config.registries` value can be used exactly as it looks in the documentati | nameOverride | string | `""` | Global name (argocd-image-updater.name in _helpers.tpl) override | | nodeSelector | object | `{}` | Kubernetes nodeSelector settings for the deployment | | podAnnotations | object | `{}` | Pod Annotations for the deployment | +| podLabels | object | `{}` | Pod Labels for the deployment | | podSecurityContext | object | `{}` | Pod security context settings for the deployment | | rbac.enabled | bool | `true` | Enable RBAC creation | | replicaCount | int | `1` | Replica count for the deployment. It is not advised to run more than one replica. | diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 61136fb8f..936a4a708 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -19,6 +19,9 @@ spec: {{- end }} checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} labels: + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} diff --git a/charts/argocd-image-updater/values.yaml b/charts/argocd-image-updater/values.yaml index 9ac3e1ef0..90498e269 100644 --- a/charts/argocd-image-updater/values.yaml +++ b/charts/argocd-image-updater/values.yaml @@ -156,6 +156,9 @@ serviceAccount: # -- Pod Annotations for the deployment podAnnotations: {} +# -- Pod Labels for the deployment +podLabels: {} + # -- Pod security context settings for the deployment podSecurityContext: {} # fsGroup: 2000 From b19beee4f8cea0c1b9a37511c92a5e9b09a8e141 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 7 Apr 2023 01:16:40 +0900 Subject: [PATCH 121/356] fix(argo-cd): Change default value for global.tolerations, from object to array (#1947) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 09552820b..fc35d6b42 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.0 +version: 5.28.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add support for custom Deployment strategy + - kind: fixed + description: Change default value for global.tolerations, from object to array. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index faa370222..a3e43b0fc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -413,7 +413,7 @@ NAME: my-release | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | | global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | -| global.tolerations | object | `{}` | Default tolerations for all components | +| global.tolerations | list | `[]` | Default tolerations for all components | | global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components | ## Argo CD Configs diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 640f1a48a..40eee8cb6 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -106,7 +106,7 @@ global: nodeSelector: {} # -- Default tolerations for all components - tolerations: {} + tolerations: [] # Default affinity preset for all components affinity: From 56136f65185ba97ac14543d49413626dd49e3f78 Mon Sep 17 00:00:00 2001 From: Justin Sievenpiper Date: Thu, 6 Apr 2023 16:43:01 -0700 Subject: [PATCH 122/356] feat(argo-workflows): add the ability to declare initContainers (#1923) feat(argo-workflows): add the ability to declare initContainers to server and controller deployments Signed-off-by: Justin Sievenpiper --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ .../controller/workflow-controller-deployment.yaml | 4 ++++ .../argo-workflows/templates/server/server-deployment.yaml | 4 ++++ charts/argo-workflows/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6524a4726..59a8a66aa 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.22.16 +version: 0.23.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.6. + - kind: added + description: Added the ability to deploy init containers alongside the controller and server deployments. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0c4dd649b..0cd083191 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -108,6 +108,7 @@ Fields to note: | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | | controller.extraEnv | list | `[]` | Extra environment variables to provide to the controller container | +| controller.extraInitContainers | list | `[]` | Enables init containers to be added to the controller deployment | | controller.image.registry | string | `"quay.io"` | Registry to use for the controller | | controller.image.repository | string | `"argoproj/workflow-controller"` | Registry to use for the controller | | controller.image.tag | string | `""` | Image tag for the workflow controller. Defaults to `.Values.images.tag`. | @@ -215,6 +216,7 @@ Fields to note: | server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | +| server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | | server.image.registry | string | `"quay.io"` | Registry to use for the server | | server.image.repository | string | `"argoproj/argocli"` | Repository to use for the server | | server.image.tag | string | `""` | Image tag for the Argo Workflows server. Defaults to `.Values.images.tag`. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 8f4f783f2..021a2e76a 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -32,6 +32,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.controller.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: controller image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.controller.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag }}" diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e5230cd0d..552c7d052 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -33,6 +33,10 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.server.extraInitContainers }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: argo-server image: "{{- include "argo-workflows.image" (dict "context" . "image" .Values.server.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.server.image.tag }}" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 3537ac894..155a0acd9 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -295,6 +295,9 @@ controller: # -- Extra containers to be added to the controller deployment extraContainers: [] + # -- Enables init containers to be added to the controller deployment + extraInitContainers: [] + # -- Workflow retention by number of workflows retentionPolicy: {} # completed: 10 @@ -570,6 +573,9 @@ server: # -- Extra containers to be added to the server deployment extraContainers: [] + # -- Enables init containers to be added to the server deployment + extraInitContainers: [] + # -- Array of extra K8s manifests to deploy extraObjects: [] # - apiVersion: secrets-store.csi.x-k8s.io/v1 From 950c5be7256b0f2a4360de275d56c644e7e8fb42 Mon Sep 17 00:00:00 2001 From: Shawqi <74347460+shaw8ii@users.noreply.github.com> Date: Fri, 7 Apr 2023 15:45:35 +0300 Subject: [PATCH 123/356] fix(argo-events): missing argument for toYaml function in deployment template (#1933) * fix(argo-events): missing argument for toYaml function in deployment template Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> * Add description to Chart.yaml Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> * bump version Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> --------- Signed-off-by: Shawqi <74347460+shaw8ii@users.noreply.github.com> Co-authored-by: Petr Drastil --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a702a6255..f11e6a0af 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.5 +version: 2.1.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: priorityClassName was not being set on pods. + description: fix toYaml function in deployment template for envFrom block diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 0ca65ee2f..6f6a965b9 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -63,7 +63,7 @@ spec: {{- end }} {{- with .Values.controller.envFrom }} envFrom: - {{- toYaml | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} volumeMounts: - name: config From 09e6ec4d252fcf693a0fc2ff86a1e3a4e3aab3e8 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Sun, 9 Apr 2023 16:40:46 +0300 Subject: [PATCH 124/356] align applicationset with upstream --- charts/argo-cd/Chart.yaml | 2 +- charts/argo-cd/README.md | 79 ++++--- .../argocd-applicationset/deployment.yaml | 166 +++++++++++--- charts/argo-cd/values.yaml | 212 +++++++++++------- 4 files changed, 316 insertions(+), 143 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b3b755301..e358a44be 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.6.0-cap-CR-17237 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.27.1-1-cap-CR-17237 +version: 5.27.1-2-cap-CR-17237 kubeVersion: ">=1.22.0-0" home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f98df7d14..cfe076ff8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1003,26 +1003,33 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| -| applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.debug | bool | `false` | Print debug logs | -| applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.enableLeaderElection | bool | `false` | The default leader election setting | -| applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | -| applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | -| applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | +| applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | +| applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.probe | int | `8081` | Probe container port | +| applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | +| applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | +| applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | +| applicationSet.dnsConfig | object | `{}` | [DNS configuration] | +| applicationSet.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for ApplicationSet controller pods | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | -| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | -| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller | -| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller | +| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod | +| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller | +| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller | | applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) | | applicationSet.extraVolumes | list | `[]` | List of extra volumes to add | -| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller | -| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller | -| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller | +| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the ApplicationSet controller | +| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller | +| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller | | applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. | -| applicationSet.logFormat | string | `""` (defaults to global.logging.format) | ApplicationSet controller log format. Either `text` or `json` | -| applicationSet.logLevel | string | `""` (defaults to global.logging.level) | ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` | +| applicationSet.initContainers | list | `[]` | Init containers to add to the ApplicationSet controller pod | +| applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | +| applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| applicationSet.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| applicationSet.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| applicationSet.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | @@ -1038,34 +1045,40 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | | applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | | applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | -| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string | -| applicationSet.nodeSelector | object | `{}` | [Node selector] | +| applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string | +| applicationSet.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | | applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb | | applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller | | applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb | -| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). | +| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | | applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | -| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods | -| applicationSet.podLabels | object | `{}` | Labels for the controller pods | -| applicationSet.podSecurityContext | object | `{}` | Pod Security Context | -| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. | +| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods | +| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods | +| applicationSet.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the ApplicationSet controller pods | +| applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller | +| applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| applicationSet.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| applicationSet.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | -| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. | -| applicationSet.securityContext | object | `{}` | Security Context | -| applicationSet.service.annotations | object | `{}` | Application set service annotations | -| applicationSet.service.labels | object | `{}` | Application set service labels | -| applicationSet.service.port | int | `7000` | Application set service port | -| applicationSet.service.portName | string | `"webhook"` | Application set service port name | -| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account | -| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | +| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | +| applicationSet.service.labels | object | `{}` | ApplicationSet service labels | +| applicationSet.service.port | int | `7000` | ApplicationSet service port | +| applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | +| applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | -| applicationSet.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | -| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints | +| applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | +| applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | | applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks | | applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths | | applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts | -| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource | +| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource | | applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels | | applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` | | applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths | diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 853a7ee63..d76b2e449 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -2,11 +2,18 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.applicationSet.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: replicas: {{ .Values.applicationSet.replicaCount }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} @@ -28,8 +35,17 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} securityContext: - {{- toYaml (mergeOverwrite (deepCopy .Values.global.securityContext) .Values.applicationSet.podSecurityContext) | nindent 8 }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} @@ -37,21 +53,24 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} command: - entrypoint.sh - {{/* Codefresh - change argocd-applicationset-controller to applicationset-controller*/}} - - applicationset-controller + - argocd-applicationset-controller + - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} + - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} + - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} + {{- with .Values.applicationSet.args.policy }} + - --policy={{ . }} + {{- end }} + {{- with .Values.applicationSet.args.dryRun }} + - --dry-run={{ . }} + {{- end }} + {{- with .Values.applicationSet.logFormat }} - --logformat - - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} + - {{ . }} + {{- end }} + {{- with .Values.applicationSet.logLevel }} - --loglevel - - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} - - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} - {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }} - - --enable-leader-election=true + - {{ . }} {{- end }} - - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --policy={{ .Values.applicationSet.args.policy }} - - --debug={{ .Values.applicationSet.args.debug }} - - --dry-run={{ .Values.applicationSet.args.dryRun }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -63,24 +82,104 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.leader.election + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespace + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER + valueFrom: + configMapKeyRef: + key: repo.server + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.policy + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.debug + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.format + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.dryrun + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_GIT_MODULES_ENABLED + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.git.submodule + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.progressive.syncs + name: argocd-cmd-params-cm + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} {{- end }} ports: - name: metrics - containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.metrics }} protocol: TCP - name: probe - containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }} + containerPort: {{ .Values.applicationSet.containerPorts.probe }} protocol: TCP - name: webhook - containerPort: 7000 + containerPort: {{ .Values.applicationSet.containerPorts.webhook }} protocol: TCP + {{- if .Values.applicationSet.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: probe + initialDelaySeconds: {{ .Values.applicationSet.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.applicationSet.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.applicationSet.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.applicationSet.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.applicationSet.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.applicationSet.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: probe + initialDelaySeconds: {{ .Values.applicationSet.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.applicationSet.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.applicationSet.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.applicationSet.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.applicationSet.readinessProbe.failureThreshold }} + {{- end }} resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} securityContext: - {{- toYaml .Values.applicationSet.securityContext | nindent 12 }} + {{- toYaml .Values.applicationSet.containerSecurityContext | nindent 12 }} volumeMounts: {{- with .Values.applicationSet.extraVolumeMounts }} {{- toYaml . | nindent 12 }} @@ -96,22 +195,34 @@ spec: - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} + {{- with .Values.applicationSet.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} - {{- with .Values.applicationSet.affinity }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) }} affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.applicationSet.nodeSelector | default .Values.global.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.tolerations }} + {{- with .Values.applicationSet.tolerations | default .Values.global.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.applicationSet.priorityClassName }} - priorityClassName: {{ . }} + {{- with .Values.applicationSet.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.applicationSet.name) | nindent 12 }} + {{- end }} + {{- end }} {{- end }} volumes: {{- with .Values.applicationSet.extraVolumes }} @@ -130,4 +241,9 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + {{- with .Values.applicationSet.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.applicationSet.dnsPolicy }} {{- end }} \ No newline at end of file diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9fd288e3f..768130a16 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2278,7 +2278,7 @@ applicationSet: # -- Enable ApplicationSet controller enabled: true - # -- Application Set controller name string + # -- ApplicationSet controller name string name: applicationset-controller # -- The number of ApplicationSet controller pods to run @@ -2296,19 +2296,19 @@ applicationSet: # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) # @default -- `""` (defaults to 0 if not specified) minAvailable: "" - # -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). ## Has higher precedence over `applicationSet.pdb.minAvailable` maxUnavailable: "" ## ApplicationSet controller image image: - # -- Repository to use for the application set controller + # -- Repository to use for the ApplicationSet controller # @default -- `""` (defaults to global.image.repository) - repository: "quay.io/codefresh/applicationset" - # -- Tag to use for the application set controller + repository: "" + # -- Tag to use for the ApplicationSet controller # @default -- `""` (defaults to global.image.tag) - tag: "v0.4.2-CR-13254-remove-private-logs" - # -- Image pull policy for the application set controller + tag: "" + # -- Image pull policy for the ApplicationSet controller # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -2316,30 +2316,45 @@ applicationSet: # @default -- `[]` (defaults to global.imagePullSecrets) imagePullSecrets: [] - args: - # -- The default metric address - metricsAddr: :8080 - # -- The default health check port - probeBindAddr: :8081 - # -- The default leader election setting - enableLeaderElection: false + # -- DEPRECATED - ApplicationSet controller command line flags + args: {} + # DEPRECATED - Use configs.params.applicationsetcontroller.policy to override # -- How application is synced between the generator and the cluster - policy: sync - # -- Print debug logs - debug: false + # policy: sync + # DEPRECATED - Use configs.params.applicationsetcontroller.dryrun to override # -- Enable dry run mode - dryRun: false + # dryRun: false - # -- ApplicationSet controller log format. Either `text` or `json` - # @default -- `""` (defaults to global.logging.format) - logFormat: "" - # -- ApplicationSet controller log level. One of: `debug`, `info`, `warn`, `error` - # @default -- `""` (defaults to global.logging.level) - logLevel: "" + # -- List of extra cli args to add + extraArgs: [] + + # -- Environment variables to pass to the ApplicationSet controller + extraEnv: [] + # - name: "MY_VAR" + # value: "value" - # -- Additional containers to be added to the applicationset controller pod + # -- envFrom to pass to the ApplicationSet controller + # @default -- `[]` (See [values.yaml]) + extraEnvFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- Additional containers to be added to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates extraContainers: [] + # -- Init containers to add to the ApplicationSet controller pod + ## Note: Supports use of custom Helm templates + initContainers: [] + + # -- List of extra mounts to add (normally used with extraVolumes) + extraVolumeMounts: [] + + # -- List of extra volumes to add + extraVolumes: [] + ## Metrics service configuration metrics: # -- Deploy metrics service @@ -2377,53 +2392,40 @@ applicationSet: # -- Prometheus ServiceMonitor annotations annotations: {} - ## Application set service configuration + ## ApplicationSet service configuration service: - # -- Application set service annotations + # -- ApplicationSet service annotations annotations: {} - # -- Application set service labels + # -- ApplicationSet service labels labels: {} - # -- Application set service port + # -- ApplicationSet service port port: 7000 - # -- Application set service port name + # -- ApplicationSet service port name portName: webhook serviceAccount: - # -- Specifies whether a service account should be created + # -- Create ApplicationSet controller service account create: true - # -- Annotations to add to the service account + # -- ApplicationSet controller service account name + name: argocd-applicationset-controller + # -- Annotations applied to created service account annotations: {} # -- Labels applied to created service account labels: {} - # -- The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + + # -- Annotations to be added to ApplicationSet controller Deployment + deploymentAnnotations: {} - # -- Annotations for the controller pods + # -- Annotations for the ApplicationSet controller pods podAnnotations: {} - # -- Labels for the controller pods + # -- Labels for the ApplicationSet controller pods podLabels: {} - # -- Pod Security Context - podSecurityContext: {} - # fsGroup: 2000 - - # -- Security Context - securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - - # -- Resource limits and requests for the controller pods. + # -- Resource limits and requests for the ApplicationSet controller pods. resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi @@ -2431,43 +2433,86 @@ applicationSet: # cpu: 100m # memory: 128Mi + # ApplicationSet controller container ports + containerPorts: + # -- Metrics container port + metrics: 8080 + # -- Probe container port + probe: 8081 + # -- Webhook container port + webhook: 7000 + + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for ApplicationSet controller pods + dnsPolicy: "ClusterFirst" + + # -- ApplicationSet controller container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + ## Probes for ApplicationSet controller (optional) + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Enable Kubernetes liveness probe for ApplicationSet controller + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + + livenessProbe: + # -- Enable Kubernetes liveness probe for ApplicationSet controller + enabled: false + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) tolerations: [] # -- Assign custom [affinity] rules + # @default -- `{}` (defaults to global.affinity preset) affinity: {} - # -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. - priorityClassName: "" - - # -- List of extra mounts to add (normally used with extraVolumes) - extraVolumeMounts: [] - # - mountPath: /tmp/foobar - # name: foobar - - # -- List of extra volumes to add - extraVolumes: [] - # - name: foobar - # emptyDir: {} - - # -- List of extra cli args to add - extraArgs: [] - - # -- Environment variables to pass to the controller - extraEnv: [] - # - name: "MY_VAR" - # value: "value" + # -- Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule - # -- envFrom to pass to the controller - # @default -- `[]` (See [values.yaml]) - extraEnvFrom: [] - # - configMapRef: - # name: config-map-name - # - secretRef: - # name: secret-name + # -- Priority class for the ApplicationSet controller pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" ## Webhook for the Git Generator ## Ref: https://argocd-applicationset.readthedocs.io/en/master/Generators-Git/#webhook-configuration) @@ -2479,7 +2524,7 @@ applicationSet: annotations: {} # -- Additional ingress labels labels: {} - # -- Defines which ingress controller will implement the resource + # -- Defines which ingress ApplicationSet controller will implement the resource ingressClassName: "" # -- List of ingress hosts @@ -2514,7 +2559,6 @@ applicationSet: # hosts: # - argocd-applicationset.example.com - ## Notifications controller notifications: # -- Enable notifications controller From 7eafaa742e6c14f3ed0d21614f53826848044ec4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 11 Apr 2023 22:33:49 +0900 Subject: [PATCH 125/356] chore(argo-cd): Add log format and log level to dex (#1951) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/dex/deployment.yaml | 2 ++ charts/argo-cd/values.yaml | 7 +++++++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fc35d6b42..be815df3d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.1 +version: 5.28.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Change default value for global.tolerations, from object to array. + - kind: added + description: Add log format and log level to dex. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index a3e43b0fc..b90af7afa 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -847,6 +847,8 @@ server: | dex.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | dex.livenessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | dex.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| dex.logFormat | string | `""` (defaults to global.logging.format) | Dex log format. Either `text` or `json` | +| dex.logLevel | string | `""` (defaults to global.logging.level) | Dex log level. One of: `debug`, `info`, `warn`, `error` | | dex.metrics.enabled | bool | `false` | Deploy metrics service | | dex.metrics.service.annotations | object | `{}` | Metrics service annotations | | dex.metrics.service.labels | object | `{}` | Metrics service labels | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index af6523d50..f83422331 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -61,6 +61,8 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.image.imagePullPolicy }} command: - /shared/argocd-dex + - --logformat={{ default .Values.global.logging.format .Values.dex.logFormat }} + - --loglevel={{ default .Values.global.logging.level .Values.dex.logLevel }} args: - rundex {{- with .Values.dex.extraArgs }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 40eee8cb6..32b9060c9 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1106,6 +1106,13 @@ dex: # maxSurge: 25% # maxUnavailable: 25% + # -- Dex log format. Either `text` or `json` + # @default -- `""` (defaults to global.logging.format) + logFormat: "" + # -- Dex log level. One of: `debug`, `info`, `warn`, `error` + # @default -- `""` (defaults to global.logging.level) + logLevel: "" + ## Redis redis: # -- Enable redis From 633954386f82ff86fe1504afbdc92b7673246ff7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 11 Apr 2023 22:50:22 +0900 Subject: [PATCH 126/356] fix(argo-workflows): Update outdated content on README (#1948) fix(argo-workflows): Remove outdated content on README Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 ++-- charts/argo-workflows/README.md | 42 +++++++++++++++++++++----- charts/argo-workflows/README.md.gotmpl | 42 +++++++++++++++++++++----- 3 files changed, 73 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 59a8a66aa..e648478f5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.6 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.0 +version: 0.23.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Added the ability to deploy init containers alongside the controller and server deployments. + - kind: fixed + description: Update outdated content on README. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 0cd083191..2c8ceb70c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -6,13 +6,6 @@ If you want your deployment of this helm chart to most closely match the [argo C ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. - -A few options are: - -- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -28,6 +21,41 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +### ServiceAccount for Workflow Spec +In order for each Workflow run, you create ServiceAccount via `values.yaml` like below. + +```yaml +workflow: + serviceAccount: + create: true + name: "argo-workflow" + rbac: + create: true +controller: + workflowNamespaces: + - default + - foo + - bar +``` + +Set ServiceAccount on Workflow. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: hello-world- +spec: + entrypoint: whalesay + serviceAccountName: argo-workflow # Set ServiceAccount + templates: + - name: whalesay + container: + image: docker/whalesay + command: [ cowsay ] + args: [ "hello world" ] +``` + ## Installing the Chart To install the chart with the release name `my-release`: diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 95c626e26..398a8788e 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -6,13 +6,6 @@ If you want your deployment of this helm chart to most closely match the [argo C ## Pre-Requisites -This chart uses an install hook to configure the CRD definition. Installation of CRDs is a somewhat privileged process in itself and in RBAC enabled clusters the `default` service account for namespaces does not typically have the ability to create these. - -A few options are: - -- Manually create a ServiceAccount in the Namespace in which your release will be deployed w/ appropriate bindings to perform this action and set the `serviceAccountName` field in the Workflow spec -- Augment the `default` ServiceAccount permissions in the Namespace in which your Release is deployed to have the appropriate permissions - ### Custom resource definitions Some users would prefer to install the CRDs _outside_ of the chart. You can disable the CRD installation of this chart by using `--set crds.install=false` when installing the chart. @@ -28,6 +21,41 @@ kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds kubectl apply -k "https://github.com/argoproj/argo-workflows/manifests/base/crds/full?ref=v3.3.9" ``` +### ServiceAccount for Workflow Spec +In order for each Workflow run, you create ServiceAccount via `values.yaml` like below. + +```yaml +workflow: + serviceAccount: + create: true + name: "argo-workflow" + rbac: + create: true +controller: + workflowNamespaces: + - default + - foo + - bar +``` + +Set ServiceAccount on Workflow. + +```yaml +apiVersion: argoproj.io/v1alpha1 +kind: Workflow +metadata: + generateName: hello-world- +spec: + entrypoint: whalesay + serviceAccountName: argo-workflow # Set ServiceAccount + templates: + - name: whalesay + container: + image: docker/whalesay + command: [ cowsay ] + args: [ "hello world" ] +``` + ## Installing the Chart To install the chart with the release name `my-release`: From 1d17840549a7956e437069132b0513f6d2e4824a Mon Sep 17 00:00:00 2001 From: Julien Duchesne Date: Wed, 12 Apr 2023 00:52:28 -0400 Subject: [PATCH 127/356] chore(argo-workflows): Upgrade Argo Workflows to v3.4.7 (#1954) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index e648478f5..bde79c697 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.6 +appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.1 +version: 0.23.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Update outdated content on README. + - kind: changed + description: Upgrade Argo Workflows to v3.4.7. From 7eeb70f7117df0e25ebf30ed193c11a3b9960e24 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 13 Apr 2023 18:25:06 +0900 Subject: [PATCH 128/356] fix(argo-workflows): Add namespace field to all namespace scoped resources (#1956) Reason: `helm template` doesn't add the namespace field automatically * fix(argo-workflows): Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically Signed-off-by: yu-croco * chore(argo-workflows): bump minor version Signed-off-by: yu-croco * refactor(argo-workflows): reflect review points Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-controller-cluster-roles.yaml | 3 +++ .../controller/workflow-controller-config-map.yaml | 1 + .../templates/controller/workflow-controller-crb.yaml | 7 +++++-- .../controller/workflow-controller-deployment-pdb.yaml | 1 + .../controller/workflow-controller-deployment.yaml | 1 + .../templates/controller/workflow-controller-sa.yaml | 1 + .../templates/controller/workflow-controller-service.yaml | 1 + .../controller/workflow-controller-servicemonitor.yaml | 6 ++---- .../templates/server/server-cluster-roles.yaml | 3 +++ charts/argo-workflows/templates/server/server-crb.yaml | 7 +++++-- .../templates/server/server-deployment-pdb.yaml | 1 + .../argo-workflows/templates/server/server-deployment.yaml | 1 + charts/argo-workflows/templates/server/server-ingress.yaml | 1 + charts/argo-workflows/templates/server/server-sa.yaml | 1 + charts/argo-workflows/templates/server/server-service.yaml | 1 + 16 files changed, 31 insertions(+), 11 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index bde79c697..69cbe88f2 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.23.2 +version: 0.24.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.7. + - kind: fixed + description: Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically. diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index 6b1a724e8..b5d78afa0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -7,6 +7,9 @@ kind: ClusterRole {{- end }} metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 125f48d37..7327ecac1 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "argo-workflows.controller.fullname" . }}-configmap + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} data: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml index c630bac69..9fa7a7f6f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-crb.yaml @@ -7,6 +7,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ template "argo-workflows.controller.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: @@ -20,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- @@ -37,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.controllerServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml index 4e7545c73..ee38445f2 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment-pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 021a2e76a..4ee117b8b 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml index 362459005..c6a8bf663 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-sa.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 3ca1afad6..5ade3d401 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index f71d35077..29fe1b59e 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-workflows.controller.fullname" . }} - {{- with .Values.controller.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.serviceMonitor.namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.serviceMonitor.additionalLabels }} @@ -25,7 +23,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Release.Namespace | quote }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index c7d18f50c..96f12bfa0 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -7,6 +7,9 @@ kind: ClusterRole {{- end }} metadata: name: {{ template "argo-workflows.server.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index 6ac17aef4..ec4f6435a 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -7,6 +7,9 @@ kind: ClusterRoleBinding {{- end }} metadata: name: {{ template "argo-workflows.server.fullname" . }} + {{- if .Values.singleNamespace }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: @@ -20,7 +23,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.server.clusterWorkflowTemplates.enabled }} --- @@ -37,6 +40,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "argo-workflows.serverServiceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end -}} {{- end -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml index d92a40830..7ea6d465f 100644 --- a/charts/argo-workflows/templates/server/server-deployment-pdb.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index 552c7d052..e9da0a1de 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} diff --git a/charts/argo-workflows/templates/server/server-ingress.yaml b/charts/argo-workflows/templates/server/server-ingress.yaml index 969676e14..36209f5b0 100644 --- a/charts/argo-workflows/templates/server/server-ingress.yaml +++ b/charts/argo-workflows/templates/server/server-ingress.yaml @@ -14,6 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.ingress.labels }} diff --git a/charts/argo-workflows/templates/server/server-sa.yaml b/charts/argo-workflows/templates/server/server-sa.yaml index 2f6644edb..382d565ee 100644 --- a/charts/argo-workflows/templates/server/server-sa.yaml +++ b/charts/argo-workflows/templates/server/server-sa.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "argo-workflows.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.serviceAccount.labels }} diff --git a/charts/argo-workflows/templates/server/server-service.yaml b/charts/argo-workflows/templates/server/server-service.yaml index 22fc2b01d..f7096a8df 100644 --- a/charts/argo-workflows/templates/server/server-service.yaml +++ b/charts/argo-workflows/templates/server/server-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-workflows.server_chart_version_label" . }} From 88d690ef62e40547e951d708bcbd6806e8d579ae Mon Sep 17 00:00:00 2001 From: Jakub Oskera Date: Thu, 13 Apr 2023 16:08:34 +0200 Subject: [PATCH 129/356] fix(argo-cd): add namespace field for namespace scoped resources (#1937) --- charts/argo-cd/Chart.yaml | 6 +++--- .../templates/argocd-application-controller/metrics.yaml | 1 + .../argocd-application-controller/networkpolicy.yaml | 1 + .../templates/argocd-application-controller/pdb.yaml | 1 + .../argocd-application-controller/prometheusrule.yaml | 4 +--- .../templates/argocd-application-controller/role.yaml | 1 + .../argocd-application-controller/rolebinding.yaml | 1 + .../argocd-application-controller/serviceaccount.yaml | 1 + .../argocd-application-controller/servicemonitor.yaml | 4 +--- .../argocd-application-controller/statefulset.yaml | 1 + .../argo-cd/templates/argocd-applicationset/deployment.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/metrics.yaml | 1 + .../templates/argocd-applicationset/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/pdb.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/role.yaml | 1 + .../templates/argocd-applicationset/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-applicationset/service.yaml | 1 + .../templates/argocd-applicationset/serviceaccount.yaml | 1 + .../templates/argocd-applicationset/servicemonitor.yaml | 4 +--- .../templates/argocd-applicationset/webhook-ingress.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-cm.yaml | 1 + .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml | 1 + .../argocd-configs/argocd-dex-server-tls-secret.yaml | 1 + .../templates/argocd-configs/argocd-gpg-keys-cm.yaml | 1 + .../templates/argocd-configs/argocd-notifications-cm.yaml | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml | 1 + .../argocd-configs/argocd-repo-server-tls-secret.yaml | 1 + charts/argo-cd/templates/argocd-configs/argocd-secret.yaml | 1 + .../templates/argocd-configs/argocd-server-tls-secret.yaml | 1 + .../templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml | 1 + .../argo-cd/templates/argocd-configs/argocd-styles-cm.yaml | 1 + .../templates/argocd-configs/argocd-tls-certs-cm.yaml | 1 + .../argo-cd/templates/argocd-configs/cluster-secrets.yaml | 1 + .../templates/argocd-configs/externalredis-secret.yaml | 1 + .../argocd-configs/repository-credentials-secret.yaml | 1 + .../argo-cd/templates/argocd-configs/repository-secret.yaml | 1 + .../argo-cd/templates/argocd-notifications/deployment.yaml | 1 + charts/argo-cd/templates/argocd-notifications/metrics.yaml | 1 + .../templates/argocd-notifications/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-notifications/pdb.yaml | 1 + charts/argo-cd/templates/argocd-notifications/role.yaml | 1 + .../argo-cd/templates/argocd-notifications/rolebinding.yaml | 1 + .../templates/argocd-notifications/serviceaccount.yaml | 1 + .../templates/argocd-notifications/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/metrics.yaml | 1 + .../argo-cd/templates/argocd-repo-server/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/pdb.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/role.yaml | 1 + .../argo-cd/templates/argocd-repo-server/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-repo-server/service.yaml | 1 + .../templates/argocd-repo-server/serviceaccount.yaml | 1 + .../templates/argocd-repo-server/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/argocd-server/aws/service.yaml | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 1 + charts/argo-cd/templates/argocd-server/deployment.yaml | 1 + .../argo-cd/templates/argocd-server/gke/backendconfig.yaml | 1 + .../argo-cd/templates/argocd-server/gke/frontendconfig.yaml | 1 + .../templates/argocd-server/gke/managedcertificate.yaml | 1 + charts/argo-cd/templates/argocd-server/hpa.yaml | 1 + charts/argo-cd/templates/argocd-server/ingress-grpc.yaml | 1 + charts/argo-cd/templates/argocd-server/ingress.yaml | 1 + charts/argo-cd/templates/argocd-server/metrics.yaml | 1 + charts/argo-cd/templates/argocd-server/networkpolicy.yaml | 1 + charts/argo-cd/templates/argocd-server/openshift/route.yaml | 1 + charts/argo-cd/templates/argocd-server/pdb.yaml | 1 + charts/argo-cd/templates/argocd-server/role.yaml | 1 + charts/argo-cd/templates/argocd-server/rolebinding.yaml | 1 + charts/argo-cd/templates/argocd-server/service.yaml | 1 + charts/argo-cd/templates/argocd-server/serviceaccount.yaml | 1 + charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/dex/deployment.yaml | 1 + charts/argo-cd/templates/dex/networkpolicy.yaml | 1 + charts/argo-cd/templates/dex/pdb.yaml | 1 + charts/argo-cd/templates/dex/role.yaml | 1 + charts/argo-cd/templates/dex/rolebinding.yaml | 1 + charts/argo-cd/templates/dex/service.yaml | 1 + charts/argo-cd/templates/dex/serviceaccount.yaml | 1 + charts/argo-cd/templates/dex/servicemonitor.yaml | 4 +--- charts/argo-cd/templates/networkpolicy-default-deny.yaml | 1 + charts/argo-cd/templates/redis/deployment.yaml | 1 + charts/argo-cd/templates/redis/metrics.yaml | 1 + charts/argo-cd/templates/redis/networkpolicy.yaml | 1 + charts/argo-cd/templates/redis/pdb.yaml | 1 + charts/argo-cd/templates/redis/service.yaml | 1 + charts/argo-cd/templates/redis/serviceaccount.yaml | 1 + charts/argo-cd/templates/redis/servicemonitor.yaml | 4 +--- 90 files changed, 92 insertions(+), 27 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index be815df3d..81666537d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.2 +version: 5.29.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: added - description: Add log format and log level to dex. + - kind: fixed + description: Add namespace field for namespace scoped resources diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 88827a850..754b8490a 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" "metrics") | nindent 4 }} {{- with .Values.controller.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml index bbb6b324b..e7448c52f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml index b6804c549..7eaf28e18 100644 --- a/charts/argo-cd/templates/argocd-application-controller/pdb.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml index c44a63f5a..86d665648 100644 --- a/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/prometheusrule.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- if .Values.controller.metrics.rules.namespace }} - namespace: {{ .Values.controller.metrics.rules.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.rules.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- if .Values.controller.metrics.rules.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/role.yaml b/charts/argo-cd/templates/argocd-application-controller/role.yaml index 75aec8dbb..56ef17b5d 100644 --- a/charts/argo-cd/templates/argocd-application-controller/role.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/role.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml index f37f4b0ca..5f07f1090 100644 --- a/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/rolebinding.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml index 96d786cd7..fe56d3767 100644 --- a/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.controller.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 3c8b0ca47..10ba77678 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.controller.fullname" . }} - {{- with .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 0bef6ced9..2a067a63f 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 76d77b424..90863cce6 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index 7a9397cdc..fdac0bcf3 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.applicationSet.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }} {{- with .Values.applicationSet.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml index 176de64b0..81020f54c 100644 --- a/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/networkpolicy.yaml @@ -3,6 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml index 51974356d..8f179032a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/pdb.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo-cd/templates/argocd-applicationset/role.yaml index a9ec2f92b..f8f55405f 100644 --- a/charts/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml index 91cddeae9..8a70526c6 100644 --- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 9e0de5339..640b195a7 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.service.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml index cf5c0ef51..a196626eb 100644 --- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.applicationSetServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.applicationSet.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index b836ccc5b..bb814a254 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -4,9 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.applicationSet.fullname" . }} - {{- with .Values.applicationSet.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.applicationSet.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml index 5285c6f2d..d98f94237 100644 --- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} {{- with .Values.applicationSet.webhook.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index a9ff71d9f..829a67769 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.cm.annotations) (.Values.server.configAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 0628ff9c8..18fead9bb 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmd-params-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "cmd-params-cm") | nindent 4 }} {{- if .Values.configs.params.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml index 39a6db6b6..a3400605e 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmp-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-cmp-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "cmp-cm") | nindent 4 }} {{- with .Values.configs.cmp.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml index 7e3ae6b0a..c543e8a74 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-dex-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-dex-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" "dex-server-tls") | nindent 4 }} {{- with .Values.dex.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml index 72f9823b5..982867f92 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-gpg-keys-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-gpg-keys-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "gpg-keys-cm") | nindent 4 }} {{ with (mergeOverwrite (deepCopy .Values.configs.gpg.annotations) (.Values.configs.gpgKeysAnnotations | default dict)) -}} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml index 593da721c..c8cdefc4c 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-notifications-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index dc5bd383c..cde4d555b 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-notifications-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.secret.annotations }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml index 8ebb43d28..c882cb394 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-rbac-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-rbac-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "rbac-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.rbac.annotations) (.Values.server.rbacConfigAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml index b0f35aa23..4e1b3dc90 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" "repo-server-tls") | nindent 4 }} {{- with .Values.repoServer.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml index 84a51197c..1e69bcead 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "secret") | nindent 4 }} {{- with .Values.configs.secret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml index 1e9f8dd38..c612a62c7 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-server-tls + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" "server-tls") | nindent 4 }} {{- with .Values.server.certificateSecret.labels }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml index 7b8e5d0b8..a7f3abdf8 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-ssh-known-hosts-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-ssh-known-hosts-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "ssh-known-hosts-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.ssh.annotations) (.Values.configs.knownHostsAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml index 149104f16..b98e40df2 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-styles-cm.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-styles-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} data: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml index 1ba0176d8..6a5a95e54 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-tls-certs-cm.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argocd-tls-certs-cm + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "name" "tls-certs-cm") | nindent 4 }} {{- with (mergeOverwrite (deepCopy .Values.configs.tls.annotations) (.Values.configs.tlsCertsAnnotations | default dict)) }} diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index c1aaa531a..259ee3484 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .labels }} diff --git a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml index 80dfc475b..9bfcd9836 100644 --- a/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/externalredis-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .Values.externalRedis.secretAnnotations }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 96efd67c6..748718abf 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} + namespace: {{ .Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index bd0c067ca..d64ae5ccd 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} + namespace: {{ .Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index fc51bb002..729e57dbb 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 3b80e97b9..3c30a0853 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.notifications.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 4 }} {{- with .Values.notifications.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml index 6bd0c04e0..011a7c337 100644 --- a/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-notifications/networkpolicy.yaml @@ -3,6 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-notifications/pdb.yaml b/charts/argo-cd/templates/argocd-notifications/pdb.yaml index f1f32715c..716195479 100644 --- a/charts/argo-cd/templates/argocd-notifications/pdb.yaml +++ b/charts/argo-cd/templates/argocd-notifications/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-notifications/role.yaml b/charts/argo-cd/templates/argocd-notifications/role.yaml index 52df9ad16..128c24f5d 100644 --- a/charts/argo-cd/templates/argocd-notifications/role.yaml +++ b/charts/argo-cd/templates/argocd-notifications/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml index e78ac5c65..7bc6e1d12 100644 --- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.notifications.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml index d62192804..aa8242420 100644 --- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.notifications.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.notifications.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index 2dd280bf2..de3cc5a35 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.notifications.fullname" . }} - {{- if .Values.notifications.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.notifications.metrics.serviceMonitor.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.notifications.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} {{- with .Values.notifications.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 906a544fb..f5272bc20 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index d7f743205..2cba83248 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + namespace: {{ .Release.Namespace | quote }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index 1124057ea..b2be38eeb 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.repoServer.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-metrics" .Values.repoServer.name)) | nindent 4 }} {{- with .Values.repoServer.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml index 619a65ca5..08a1c214c 100644 --- a/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml index 318671f02..658a1fe36 100644 --- a/charts/argo-cd/templates/argocd-repo-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-repo-server/role.yaml b/charts/argo-cd/templates/argocd-repo-server/role.yaml index bc422c433..5f9324d51 100644 --- a/charts/argo-cd/templates/argocd-repo-server/role.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml index 3cfa312f3..8834b7789 100644 --- a/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/service.yaml b/charts/argo-cd/templates/argocd-repo-server/service.yaml index 541ea41ee..c2c434639 100644 --- a/charts/argo-cd/templates/argocd-repo-server/service.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/service.yaml @@ -13,6 +13,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: {{ .Values.repoServer.service.portName }} diff --git a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml index 71f75583e..7b26928fa 100644 --- a/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.repoServerServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.repoServer.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.repoServer.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index 82937d9b8..aec96461c 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.repoServer.fullname" . }} - {{- with .Values.repoServer.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.repoServer.metrics.serviceMonitor.namespace | default }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} {{- with .Values.repoServer.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index a0368023c..02c543d52 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -7,6 +7,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-grpc + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: {{ .Values.server.service.servicePortHttpName }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index ed844aa2c..eec82ae6a 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index a5bea81be..aa7320e71 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml index 69a420930..e2ae3d844 100644 --- a/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/backendconfig.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-cd.apiVersions.cloudgoogle" . }} kind: BackendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml index 46fc43a9c..316875969 100644 --- a/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/frontendconfig.yaml @@ -3,6 +3,7 @@ apiVersion: networking.gke.io/v1beta1 kind: FrontendConfig metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml index 81e1e7101..942c6b3f8 100644 --- a/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml +++ b/charts/argo-cd/templates/argocd-server/gke/managedcertificate.yaml @@ -3,6 +3,7 @@ apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: domains: {{- with .Values.server.GKEmanagedCertificate.domains }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index af107b7fb..cbc17c319 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }}-hpa + namespace: {{ .Release.Namespace | quote }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml index b728a11ba..b671f86fc 100644 --- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }}-grpc + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingressGrpc.labels }} diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 0e064b0b3..98ec1cb12 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -7,6 +7,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.ingress.labels }} diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index bf8ee083f..3a9f46f71 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.server.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-metrics" .Values.server.name)) | nindent 4 }} {{- with .Values.server.metrics.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml index 8300d696c..443ff3599 100644 --- a/charts/argo-cd/templates/argocd-server/networkpolicy.yaml +++ b/charts/argo-cd/templates/argocd-server/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - {} diff --git a/charts/argo-cd/templates/argocd-server/openshift/route.yaml b/charts/argo-cd/templates/argocd-server/openshift/route.yaml index f1fc80124..593137986 100644 --- a/charts/argo-cd/templates/argocd-server/openshift/route.yaml +++ b/charts/argo-cd/templates/argocd-server/openshift/route.yaml @@ -3,6 +3,7 @@ apiVersion: route.openshift.io/v1 kind: Route metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.route.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/pdb.yaml b/charts/argo-cd/templates/argocd-server/pdb.yaml index 89c54c65b..adc47aeca 100644 --- a/charts/argo-cd/templates/argocd-server/pdb.yaml +++ b/charts/argo-cd/templates/argocd-server/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.pdb.labels }} diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index 16164a9a4..f156bc187 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/argocd-server/rolebinding.yaml b/charts/argo-cd/templates/argocd-server/rolebinding.yaml index 54d4eaeba..93b1fa948 100644 --- a/charts/argo-cd/templates/argocd-server/rolebinding.yaml +++ b/charts/argo-cd/templates/argocd-server/rolebinding.yaml @@ -2,6 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 879bdb32e..5a31f0b87 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -8,6 +8,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- if .Values.server.service.labels }} diff --git a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml index a2eb9b119..5d03aaf60 100644 --- a/charts/argo-cd/templates/argocd-server/serviceaccount.yaml +++ b/charts/argo-cd/templates/argocd-server/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.server.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.serverServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.server.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.server.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index d00e5657d..65d102e3b 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.server.fullname" . }} - {{- if .Values.server.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.server.metrics.serviceMonitor.namespace }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.server.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} {{- with .Values.server.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index f83422331..8359a6a88 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/dex/networkpolicy.yaml b/charts/argo-cd/templates/dex/networkpolicy.yaml index e79a2e3e4..cb0fcc55e 100644 --- a/charts/argo-cd/templates/dex/networkpolicy.yaml +++ b/charts/argo-cd/templates/dex/networkpolicy.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/dex/pdb.yaml b/charts/argo-cd/templates/dex/pdb.yaml index 45bd00500..c0adc73f0 100644 --- a/charts/argo-cd/templates/dex/pdb.yaml +++ b/charts/argo-cd/templates/dex/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.pdb.labels }} diff --git a/charts/argo-cd/templates/dex/role.yaml b/charts/argo-cd/templates/dex/role.yaml index 6b9b3f69d..49d40891f 100644 --- a/charts/argo-cd/templates/dex/role.yaml +++ b/charts/argo-cd/templates/dex/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} rules: diff --git a/charts/argo-cd/templates/dex/rolebinding.yaml b/charts/argo-cd/templates/dex/rolebinding.yaml index 4cc47005b..08da15442 100644 --- a/charts/argo-cd/templates/dex/rolebinding.yaml +++ b/charts/argo-cd/templates/dex/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} roleRef: diff --git a/charts/argo-cd/templates/dex/service.yaml b/charts/argo-cd/templates/dex/service.yaml index 9661c7e0d..73c984832 100644 --- a/charts/argo-cd/templates/dex/service.yaml +++ b/charts/argo-cd/templates/dex/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.dex.fullname" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.dex.metrics.service.annotations }} annotations: {{- range $key, $value := .Values.dex.metrics.service.annotations }} diff --git a/charts/argo-cd/templates/dex/serviceaccount.yaml b/charts/argo-cd/templates/dex/serviceaccount.yaml index 71707f099..65abd57cd 100644 --- a/charts/argo-cd/templates/dex/serviceaccount.yaml +++ b/charts/argo-cd/templates/dex/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.dex.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.dexServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.dex.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.dex.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index d08d018f6..21d12be25 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.dex.fullname" . }} - {{- with .Values.dex.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.dex.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} {{- with .Values.dex.metrics.serviceMonitor.selector }} diff --git a/charts/argo-cd/templates/networkpolicy-default-deny.yaml b/charts/argo-cd/templates/networkpolicy-default-deny.yaml index 3d47a3975..b499ab035 100644 --- a/charts/argo-cd/templates/networkpolicy-default-deny.yaml +++ b/charts/argo-cd/templates/networkpolicy-default-deny.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" .) | nindent 4 }} name: {{ template "argo-cd.fullname" . }}-default-deny + namespace: {{ .Release.Namespace | quote }} spec: podSelector: {} policyTypes: diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 3376d7323..fc0bebbdc 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -10,6 +10,7 @@ metadata: {{- end }} {{- end }} name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} spec: diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index 6886a7402..db5262855 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-cd.redis.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.service.labels }} diff --git a/charts/argo-cd/templates/redis/networkpolicy.yaml b/charts/argo-cd/templates/redis/networkpolicy.yaml index 8b564add4..cd8150e14 100644 --- a/charts/argo-cd/templates/redis/networkpolicy.yaml +++ b/charts/argo-cd/templates/redis/networkpolicy.yaml @@ -6,6 +6,7 @@ metadata: labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} name: {{ template "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} spec: ingress: - from: diff --git a/charts/argo-cd/templates/redis/pdb.yaml b/charts/argo-cd/templates/redis/pdb.yaml index 223c57589..59423b475 100644 --- a/charts/argo-cd/templates/redis/pdb.yaml +++ b/charts/argo-cd/templates/redis/pdb.yaml @@ -4,6 +4,7 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ include "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.pdb.labels }} diff --git a/charts/argo-cd/templates/redis/service.yaml b/charts/argo-cd/templates/redis/service.yaml index 6e949fd4b..31f497d72 100644 --- a/charts/argo-cd/templates/redis/service.yaml +++ b/charts/argo-cd/templates/redis/service.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-cd.redis.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.service.labels }} diff --git a/charts/argo-cd/templates/redis/serviceaccount.yaml b/charts/argo-cd/templates/redis/serviceaccount.yaml index ae67d3b2a..503fb4347 100644 --- a/charts/argo-cd/templates/redis/serviceaccount.yaml +++ b/charts/argo-cd/templates/redis/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.redis.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "argo-cd.redisServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- if .Values.redis.serviceAccount.annotations }} annotations: {{- range $key, $value := .Values.redis.serviceAccount.annotations }} diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index ea913467a..46a7e32ca 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -4,9 +4,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-cd.redis.fullname" . }} - {{- with .Values.redis.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.redis.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} {{- with .Values.redis.metrics.serviceMonitor.selector }} From 406e07b46b62e1f6efef6d035110d02b7a8019f5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 14 Apr 2023 03:16:20 +0900 Subject: [PATCH 130/356] fix(argo-rollouts): add namespace field for namespace scoped resources (#1960) Signed-off-by: yu-croco --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../templates/controller/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/templates/controller/deployment.yaml | 1 + .../argo-rollouts/templates/controller/metrics-service.yaml | 1 + .../templates/controller/notifcations-configmap.yaml | 1 + .../templates/controller/notifications-secret.yaml | 1 + .../templates/controller/poddisruptionbudget.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + charts/argo-rollouts/templates/controller/rolebinding.yaml | 2 ++ .../argo-rollouts/templates/controller/serviceaccount.yaml | 1 + .../argo-rollouts/templates/controller/servicemonitor.yaml | 1 + .../templates/dashboard/clusterrolebinding.yaml | 2 +- charts/argo-rollouts/templates/dashboard/deployment.yaml | 1 + charts/argo-rollouts/templates/dashboard/ingress.yaml | 1 + .../templates/dashboard/poddisruptionbudget.yaml | 1 + charts/argo-rollouts/templates/dashboard/service.yaml | 1 + .../argo-rollouts/templates/dashboard/serviceaccount.yaml | 1 + 17 files changed, 20 insertions(+), 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 64cc3539d..a5f3e2497 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.23.0 +version: 2.24.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Added the ability to set pod annotations separately on controller and dashboard deployment + - kind: fixed + description: add namespace field for namespace scoped resources diff --git a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml index cbdb0e239..740f8f6b9 100644 --- a/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrolebinding.yaml @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index ee118e5a8..7f30da021 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index 5e3803474..0effcc23b 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml index 3008b327e..a370a6000 100644 --- a/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml +++ b/charts/argo-rollouts/templates/controller/notifcations-configmap.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: argo-rollouts-notification-configmap + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/notifications-secret.yaml b/charts/argo-rollouts/templates/controller/notifications-secret.yaml index 4e9cc64ce..52b393df4 100644 --- a/charts/argo-rollouts/templates/controller/notifications-secret.yaml +++ b/charts/argo-rollouts/templates/controller/notifications-secret.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: argo-rollouts-notification-secret + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml index 437efab9b..7080b55cd 100644 --- a/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml +++ b/charts/argo-rollouts/templates/controller/poddisruptionbudget.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index 72ebdbc94..e3b80672b 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/rolebinding.yaml b/charts/argo-rollouts/templates/controller/rolebinding.yaml index 128df3abd..e76bb194f 100644 --- a/charts/argo-rollouts/templates/controller/rolebinding.yaml +++ b/charts/argo-rollouts/templates/controller/rolebinding.yaml @@ -3,6 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} @@ -13,4 +14,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/controller/serviceaccount.yaml b/charts/argo-rollouts/templates/controller/serviceaccount.yaml index 327eb6a59..b0f566333 100644 --- a/charts/argo-rollouts/templates/controller/serviceaccount.yaml +++ b/charts/argo-rollouts/templates/controller/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argo-rollouts.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 72d9a691f..f64dc3285 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,6 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml index 3296060cc..2dbf7379f 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrolebinding.yaml @@ -13,5 +13,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 0d2109347..8a47608f2 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/ingress.yaml b/charts/argo-rollouts/templates/dashboard/ingress.yaml index 0555d1fcc..e7f9e41ed 100644 --- a/charts/argo-rollouts/templates/dashboard/ingress.yaml +++ b/charts/argo-rollouts/templates/dashboard/ingress.yaml @@ -14,6 +14,7 @@ metadata: {{- end }} {{- end }} name: {{ template "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- if .Values.dashboard.ingress.labels }} diff --git a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml index 742b149fe..d12ba62a1 100644 --- a/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml +++ b/charts/argo-rollouts/templates/dashboard/poddisruptionbudget.yaml @@ -3,6 +3,7 @@ apiVersion: {{ include "argo-rollouts.podDisruptionBudget.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-rollouts.labels" . | nindent 4 }} {{- with .Values.dashboard.pdb.labels }} diff --git a/charts/argo-rollouts/templates/dashboard/service.yaml b/charts/argo-rollouts/templates/dashboard/service.yaml index 589781503..6a304b82d 100644 --- a/charts/argo-rollouts/templates/dashboard/service.yaml +++ b/charts/argo-rollouts/templates/dashboard/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "argo-rollouts.fullname" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml index ff0c73005..4b531bd98 100644 --- a/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml +++ b/charts/argo-rollouts/templates/dashboard/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard + namespace: {{ .Release.Namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.dashboard.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} From 076cf82ddd77126cd7ecf24e2c8882b5cbff9342 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 14 Apr 2023 03:38:04 +0900 Subject: [PATCH 131/356] fix(argo-events): add namespace field for namespace scoped resources (#1959) * fix(argo-events): add namespace field for namespace scoped resources Signed-off-by: yu-croco * Apply suggestion from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 4 ++-- .../templates/argo-events-controller/config.yaml | 1 + .../templates/argo-events-controller/deployment.yaml | 1 + .../argo-events/templates/argo-events-controller/pdb.yaml | 1 + .../argo-events/templates/argo-events-controller/rbac.yaml | 5 ++++- .../templates/argo-events-controller/service.yaml | 1 + .../templates/argo-events-controller/serviceaccount.yaml | 1 + .../templates/argo-events-controller/servicemonitor.yaml | 6 ++---- .../templates/argo-events-webhook/clusterrolebinding.yaml | 2 +- .../templates/argo-events-webhook/deployment.yaml | 1 + charts/argo-events/templates/argo-events-webhook/pdb.yaml | 1 + .../argo-events/templates/argo-events-webhook/service.yaml | 1 + .../templates/argo-events-webhook/serviceaccount.yaml | 1 + 13 files changed, 18 insertions(+), 8 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index f11e6a0af..a9f379e72 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.1.6 +version: 2.2.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: fix toYaml function in deployment template for envFrom block + description: add namespace field for namespace scoped resources diff --git a/charts/argo-events/templates/argo-events-controller/config.yaml b/charts/argo-events/templates/argo-events-controller/config.yaml index 486fa3645..b32933857 100644 --- a/charts/argo-events/templates/argo-events-controller/config.yaml +++ b/charts/argo-events/templates/argo-events-controller/config.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.controller.name) | nindent 4 }} data: diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 6f6a965b9..9b7ace1b9 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.controller_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-controller/pdb.yaml b/charts/argo-events/templates/argo-events-controller/pdb.yaml index f1a7b7217..0451ecd72 100644 --- a/charts/argo-events/templates/argo-events-controller/pdb.yaml +++ b/charts/argo-events/templates/argo-events-controller/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.controller.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-controller/rbac.yaml b/charts/argo-events/templates/argo-events-controller/rbac.yaml index 1d9a2e558..aa9c7c2b9 100644 --- a/charts/argo-events/templates/argo-events-controller/rbac.yaml +++ b/charts/argo-events/templates/argo-events-controller/rbac.yaml @@ -3,6 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: {{ .Values.controller.rbac.namespaced | ternary "Role" "ClusterRole" }} metadata: name: {{ include "argo-events.controller.fullname" . }} + {{- if .Values.controller.rbac.namespaced }} + namespace: {{ .Release.Namespace | quote }} + {{- end }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} rules: @@ -119,5 +122,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.controller.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-controller/service.yaml b/charts/argo-events/templates/argo-events-controller/service.yaml index d0d6ab333..fe36320b6 100644 --- a/charts/argo-events/templates/argo-events-controller/service.yaml +++ b/charts/argo-events/templates/argo-events-controller/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "argo-events.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} {{- with .Values.controller.metrics.service.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml index 7a035b76a..3b8a9c81f 100644 --- a/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-controller/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.controller.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.controller.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- with .Values.controller.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml index 6c1f23ca0..55cda1d41 100644 --- a/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml +++ b/charts/argo-events/templates/argo-events-controller/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "argo-events.controller.fullname" . }} - {{- with .Values.controller.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} {{- with .Values.controller.metrics.serviceMonitor.selector }} @@ -31,7 +29,7 @@ spec: {{- end }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Release.Namespace | quote }} selector: matchLabels: {{- include "argo-events.selectorLabels" (dict "context" . "component" .Values.controller.name "name" (printf "%s-metrics" .Values.controller.name)) | nindent 6 }} diff --git a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml index 5562f139f..89226483b 100644 --- a/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml +++ b/charts/argo-events/templates/argo-events-webhook/clusterrolebinding.yaml @@ -12,5 +12,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argo-events.webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argo-events/templates/argo-events-webhook/deployment.yaml b/charts/argo-events/templates/argo-events-webhook/deployment.yaml index e3839caf8..0445484e8 100644 --- a/charts/argo-events/templates/argo-events-webhook/deployment.yaml +++ b/charts/argo-events/templates/argo-events-webhook/deployment.yaml @@ -3,6 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: events-webhook + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} app.kubernetes.io/version: {{ include "argo-events.webhook_chart_version_label" . }} diff --git a/charts/argo-events/templates/argo-events-webhook/pdb.yaml b/charts/argo-events/templates/argo-events-webhook/pdb.yaml index 15bf97bf7..a3daa7457 100644 --- a/charts/argo-events/templates/argo-events-webhook/pdb.yaml +++ b/charts/argo-events/templates/argo-events-webhook/pdb.yaml @@ -3,6 +3,7 @@ apiVersion: {{ template "argo-events.pdb.apiVersion" . }} kind: PodDisruptionBudget metadata: name: {{ template "argo-events.webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "component" .Values.webhook.name "name" .Values.webhook.name) | nindent 4 }} {{- with .Values.webhook.pdb.labels }} diff --git a/charts/argo-events/templates/argo-events-webhook/service.yaml b/charts/argo-events/templates/argo-events-webhook/service.yaml index cb85a8cb1..15563d0e2 100644 --- a/charts/argo-events/templates/argo-events-webhook/service.yaml +++ b/charts/argo-events/templates/argo-events-webhook/service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: events-webhook + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-events.labels" (dict "context" . "name" .Values.webhook.name) | nindent 4 }} spec: diff --git a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml index b723a77f3..e3e2ac5b8 100644 --- a/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml +++ b/charts/argo-events/templates/argo-events-webhook/serviceaccount.yaml @@ -4,6 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} metadata: name: {{ include "argo-events.webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- with .Values.webhook.serviceAccount.annotations }} annotations: {{- range $key, $value := . }} From 388102400faf26b4f60f002c4e816256e21e63aa Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 Apr 2023 01:44:19 +0200 Subject: [PATCH 132/356] fix(argo-cd): Evaluate namespace field via helm root scope (#1963) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml | 2 +- .../argocd-configs/repository-credentials-secret.yaml | 2 +- .../argo-cd/templates/argocd-configs/repository-secret.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 81666537d..01aab8419 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.6.7 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.0 +version: 5.29.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Add namespace field for namespace scoped resources + description: Namespace field for some namespaced resources needs to be evaluated via helm root scope diff --git a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml index 259ee3484..83b1c15d7 100644 --- a/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml +++ b/charts/argo-cd/templates/argocd-configs/cluster-secrets.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "argo-cd.name" $ }}-cluster-{{ .name }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} {{- with .labels }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml index 748718abf..ed1d2fd76 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-credentials-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-creds-{{ $repo_cred_key }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repo-creds {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml index d64ae5ccd..4c0289585 100644 --- a/charts/argo-cd/templates/argocd-configs/repository-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/repository-secret.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: argocd-repo-{{ $repo_key }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ $.Release.Namespace | quote }} labels: argocd.argoproj.io/secret-type: repository {{- include "argo-cd.labels" (dict "context" $) | nindent 4 }} From dfe36fbde955e525c706243f887e34e127ea2259 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 14 Apr 2023 01:58:48 +0200 Subject: [PATCH 133/356] feat(argo-rollouts): Add ability to provide additional volumes (#1965) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 4 ++++ .../templates/controller/deployment.yaml | 8 ++++++++ .../templates/dashboard/deployment.yaml | 8 ++++++++ charts/argo-rollouts/values.yaml | 17 +++++++++++++++++ 5 files changed, 40 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index a5f3e2497..376cd8ce1 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.24.0 +version: 2.25.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Ability to provide additional volumes and volumeMounts diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 1e8a29f09..56a798527 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -102,6 +102,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | +| controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | +| controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | | podLabels | object | `{}` | Labels to be added to the Rollout pods | | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level | @@ -161,6 +163,8 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | dashboard.tolerations | list | `[]` | [Tolerations] for use with node taints | | dashboard.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the dashboard server | +| dashboard.volumeMounts | list | `[]` | Additional volumeMounts to add to the dashboard container | +| dashboard.volumes | list | `[]` | Additional volumes to add to the dashboard pod | ## Upgrading diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 7f30da021..95ec845fc 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -65,6 +65,10 @@ spec: {{- toYaml .Values.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.controller.extraContainers }} {{- toYaml . | nindent 6 }} {{- end }} @@ -101,3 +105,7 @@ spec: {{- with .Values.controller.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.controller.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 8a47608f2..342e19968 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -54,6 +54,10 @@ spec: {{- toYaml .Values.dashboard.containerSecurityContext | nindent 10 }} resources: {{- toYaml .Values.dashboard.resources | nindent 10 }} + {{- with .Values.dashboard.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 8 }} + {{- end }} {{- if .Values.dashboard.nodeSelector }} nodeSelector: {{- toYaml .Values.dashboard.nodeSelector | nindent 8 }} @@ -83,4 +87,8 @@ spec: {{- with .Values.dashboard.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- with .Values.dashboard.volumes }} + volumes: + {{- toYaml . | nindent 6 }} + {{- end }} {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index d92e93041..e451602f2 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -154,6 +154,17 @@ controller: # -- Maximum number / percentage of pods that may be made unavailable maxUnavailable: # 0 + # -- Additional volumes to add to the controller pod + volumes: [] + # - configMap: + # name: my-certs-cm + # name: my-certs + + # -- Additional volumeMounts to add to the controller container + volumeMounts: [] + # - mountPath: /etc/ssl/certs + # name: my-certs + serviceAccount: # -- Specifies whether a service account should be created create: true @@ -355,6 +366,12 @@ dashboard: # hosts: # - argorollouts.example.com + # -- Additional volumes to add to the dashboard pod + volumes: [] + + # -- Additional volumeMounts to add to the dashboard container + volumeMounts: [] + notifications: secret: # -- Whether to create notifications secret From 22356c77af3e672bf6a5ee97ed7305bb367beccb Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Fri, 14 Apr 2023 14:53:40 +0100 Subject: [PATCH 134/356] feat(argo-workflows): Add option for controller to read all secrets (#1967) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-cluster-roles.yaml | 10 ++++++++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 69cbe88f2..616f3cc40 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.24.0 +version: 0.24.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: Add namespace field to all namespace scoped resources because `helm template` doesn't add the namespace filed automatically. + - kind: added + description: Add option for workflow controller to read all secrets. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 2c8ceb70c..463fa4858 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -174,6 +174,7 @@ Fields to note: | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | | controller.podSecurityContext | object | `{}` | SecurityContext to set on the controller pods | | controller.priorityClassName | string | `""` | Leverage a PriorityClass to ensure your pods survive resource shortages. | +| controller.rbac.accessAllSecrets | bool | `false` | Allows controller to get, list and watch all k8s secrets. Can only be used if secretWhitelist is empty. | | controller.rbac.create | bool | `true` | Adds Role and RoleBinding for the controller. | | controller.rbac.secretWhitelist | list | `[]` | Allows controller to get, list, and watch certain k8s secrets | | controller.rbac.writeConfigMaps | bool | `false` | Allows controller to create and update ConfigMaps. Enables memoization feature | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml index b5d78afa0..c2d2a7713 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-cluster-roles.yaml @@ -187,6 +187,16 @@ rules: - watch resourceNames: {{- toYaml . | nindent 4 }} {{- end }} +{{- if and (not .Values.controller.rbac.secretWhitelist) (.Values.controller.rbac.accessAllSecrets) }} +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +{{- end }} {{- if .Values.controller.clusterWorkflowTemplates.enabled }} --- diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 155a0acd9..4783e0a6c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -74,6 +74,8 @@ controller: create: true # -- Allows controller to get, list, and watch certain k8s secrets secretWhitelist: [] + # -- Allows controller to get, list and watch all k8s secrets. Can only be used if secretWhitelist is empty. + accessAllSecrets: false # -- Allows controller to create and update ConfigMaps. Enables memoization feature writeConfigMaps: false From 29b753057bf605e95d07017d6f7e000d3cc808f6 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 16 Apr 2023 17:13:00 +0900 Subject: [PATCH 135/356] fix(argocd-image-updater): add namespace field for namespace scoped resources (#1970) Signed-off-by: yu-croco --- charts/argocd-image-updater/Chart.yaml | 6 +++--- .../templates/configmap-authscripts.yaml | 1 + .../argocd-image-updater/templates/configmap-sshconfig.yaml | 1 + charts/argocd-image-updater/templates/configmap.yaml | 1 + charts/argocd-image-updater/templates/deployment.yaml | 3 ++- charts/argocd-image-updater/templates/metrics-service.yaml | 1 + charts/argocd-image-updater/templates/rbac.yaml | 4 +++- charts/argocd-image-updater/templates/secret.yaml | 3 ++- charts/argocd-image-updater/templates/serviceaccount.yaml | 1 + charts/argocd-image-updater/templates/servicemonitor.yaml | 4 +--- 10 files changed, 16 insertions(+), 9 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index f64d558be..d6ec30ef3 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.8.5 +version: 0.9.0 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: changed - description: Added support for pod labels + - kind: fixed + description: add namespace field for namespace scoped resources diff --git a/charts/argocd-image-updater/templates/configmap-authscripts.yaml b/charts/argocd-image-updater/templates/configmap-authscripts.yaml index fe8341493..3659fbaf5 100644 --- a/charts/argocd-image-updater/templates/configmap-authscripts.yaml +++ b/charts/argocd-image-updater/templates/configmap-authscripts.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-authscripts + namespace: {{ .Release.Namespace | quote }} data: {{- toYaml .Values.authScripts.scripts | nindent 2}} {{- end }} diff --git a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml index 548f3100f..45554c0e4 100644 --- a/charts/argocd-image-updater/templates/configmap-sshconfig.yaml +++ b/charts/argocd-image-updater/templates/configmap-sshconfig.yaml @@ -4,6 +4,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-ssh-config + namespace: {{ .Release.Namespace | quote }} data: {{- with .Values.config.sshConfig }} {{- toYaml . | nindent 2 }} diff --git a/charts/argocd-image-updater/templates/configmap.yaml b/charts/argocd-image-updater/templates/configmap.yaml index 0e0b6cfc9..75f69b135 100644 --- a/charts/argocd-image-updater/templates/configmap.yaml +++ b/charts/argocd-image-updater/templates/configmap.yaml @@ -5,6 +5,7 @@ metadata: labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} name: argocd-image-updater-config + namespace: {{ .Release.Namespace | quote }} data: {{- with .Values.config.applicationsAPIKind }} applications_api: {{ . }} diff --git a/charts/argocd-image-updater/templates/deployment.yaml b/charts/argocd-image-updater/templates/deployment.yaml index 936a4a708..9cc71fe3e 100644 --- a/charts/argocd-image-updater/templates/deployment.yaml +++ b/charts/argocd-image-updater/templates/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} spec: @@ -21,7 +22,7 @@ spec: labels: {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} {{- include "argocd-image-updater.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} diff --git a/charts/argocd-image-updater/templates/metrics-service.yaml b/charts/argocd-image-updater/templates/metrics-service.yaml index 5d1232ae3..186abb41f 100644 --- a/charts/argocd-image-updater/templates/metrics-service.yaml +++ b/charts/argocd-image-updater/templates/metrics-service.yaml @@ -14,6 +14,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "argocd-image-updater.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} spec: ports: - name: metrics diff --git a/charts/argocd-image-updater/templates/rbac.yaml b/charts/argocd-image-updater/templates/rbac.yaml index cb508a43d..c6316f421 100644 --- a/charts/argocd-image-updater/templates/rbac.yaml +++ b/charts/argocd-image-updater/templates/rbac.yaml @@ -5,7 +5,8 @@ kind: Role metadata: labels: {{ include "argocd-image-updater.labels" . | nindent 4 }} - name: {{ include "argocd-image-updater.fullname" . }} + name: {{ include "argocd-image-updater.fullname" . }} + namespace: {{ .Release.Namespace | quote }} rules: - apiGroups: - '' @@ -45,4 +46,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} {{- end }} diff --git a/charts/argocd-image-updater/templates/secret.yaml b/charts/argocd-image-updater/templates/secret.yaml index d0e7bb240..c4cb77818 100644 --- a/charts/argocd-image-updater/templates/secret.yaml +++ b/charts/argocd-image-updater/templates/secret.yaml @@ -3,9 +3,10 @@ apiVersion: v1 kind: Secret metadata: name: argocd-image-updater-secret + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} type: Opaque -data: +data: argocd.token: {{ .Values.config.argocd.token | b64enc }} {{- end }} diff --git a/charts/argocd-image-updater/templates/serviceaccount.yaml b/charts/argocd-image-updater/templates/serviceaccount.yaml index c208ee697..c755731de 100644 --- a/charts/argocd-image-updater/templates/serviceaccount.yaml +++ b/charts/argocd-image-updater/templates/serviceaccount.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "argocd-image-updater.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} diff --git a/charts/argocd-image-updater/templates/servicemonitor.yaml b/charts/argocd-image-updater/templates/servicemonitor.yaml index fa0b26a6b..969f1190d 100644 --- a/charts/argocd-image-updater/templates/servicemonitor.yaml +++ b/charts/argocd-image-updater/templates/servicemonitor.yaml @@ -3,9 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argocd-image-updater.fullname" . }}-metrics - {{- with .Values.metrics.serviceMonitor.namespace }} - namespace: {{ . }} - {{- end }} + namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} labels: {{- include "argocd-image-updater.labels" . | nindent 4 }} {{- with .Values.metrics.serviceMonitor.selector }} From cb51deccb23ad2f293c485ca0a06041bd8ec4870 Mon Sep 17 00:00:00 2001 From: danielm-codefresh Date: Thu, 20 Apr 2023 17:11:43 +0300 Subject: [PATCH 136/356] Remove overwrite of configs.cm."application.instanceLabelKey" --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fd2ab0a9b..757f39863 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.6.0-cap-CR-17237 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.28.1-1-cap-CR-17237 +version: 5.29.1-1-cap-CR-17237 kubeVersion: ">=1.22.0-0" home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Change default value for global.tolerations, from object to array. + description: Use default value for configs.cm.application.instanceLabelKey, instead of overwriting it. diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index afcadc77d..47f375c13 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -163,7 +163,7 @@ configs: # -- The name of tracking label used by Argo CD for resource pruning # @default -- Defaults to app.kubernetes.io/instance - application.instanceLabelKey: argocd.argoproj.io/instance + application.instanceLabelKey: "" # -- Enable logs RBAC enforcement ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/upgrading/2.3-2.4/#enable-logs-rbac-enforcement From 429b474a4f44e073f8ef2a4da03325083c0122e4 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sat, 22 Apr 2023 01:53:02 -0400 Subject: [PATCH 137/356] docs(github): comment out notational pieces of PR template (#1969) github: comment out notational pieces of PR template - the DCO and publishing sentences are not filled out during PRs and are purely notational - comment them out with HTML comments, as is common practice - example from a repo I maintain: https://github.com/ezolenko/rollup-plugin-typescript2/blob/f6db59613a66f58c48310aa8fa785951970b5d6d/.github/issue_template.md?plain=1#L2 - I copied that from other repos too - these comments are still visible to the PR author, just not visible when rendered, keeping the PR more concise Signed-off-by: Anton Gilgur Co-authored-by: Marco Kilchhofer --- .github/pull_request_template.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 65c36c002..ed14509e3 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,6 +1,8 @@ + Checklist: @@ -11,4 +13,4 @@ Checklist: * [ ] I have signed off all my commits as required by [DCO](https://github.com/argoproj/argoproj/blob/master/community/CONTRIBUTING.md). * [ ] My build is green ([troubleshooting builds](https://argo-cd.readthedocs.io/en/stable/developer-guide/ci/)). -Changes are automatically published when merged to `main`. They are not published on branches. + From aef554340ff52643c9fbd67afd14fdfa3a0a8b3e Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Mon, 24 Apr 2023 01:47:18 -0400 Subject: [PATCH 138/356] feat(argo-workflows): add optional HPA to Server (#1974) --- charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 6 +++ .../server/server-deployment-hpa.yaml | 45 +++++++++++++++++++ .../templates/server/server-deployment.yaml | 2 + charts/argo-workflows/values.yaml | 26 +++++++++++ 5 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/server/server-deployment-hpa.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 616f3cc40..fe52da193 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.24.1 +version: 0.25.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add option for workflow controller to read all secrets. + description: Add optional HPA for Argo Server diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 463fa4858..50bc7ce9e 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -237,6 +237,12 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | +| server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | +| server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo Server [HPA] | +| server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo Server [HPA] | +| server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo Server [HPA] | | server.baseHref | string | `"/"` | Value for base href in index.html. Used if the server is running behind reverse proxy under subpath different from /. | | server.clusterWorkflowTemplates.enableEditing | bool | `true` | Give the server permissions to edit ClusterWorkflowTemplates. | | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml new file mode 100644 index 000000000..ebc45925e --- /dev/null +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -0,0 +1,45 @@ +{{- if and .Values.server.enabled .Values.server.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "argo-workflows.server.fullname" . }} + minReplicas: {{ .Values.server.autoscaling.minReplicas }} + maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} + metrics: + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + {{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + {{- if eq (include "argo-workflows.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} + targetAverageUtilization: {{ . }} + {{- else }} + target: + averageUtilization: {{ . }} + type: Utilization + {{- end }} + {{- end }} + {{- with .Values.server.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index e9da0a1de..d75933ac2 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -12,7 +12,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} + {{- end }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 4783e0a6c..2fd166b5c 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -431,6 +431,32 @@ server: resources: {} # -- The number of server pods to run replicas: 1 + ## Argo Server Horizontal Pod Autoscaler + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: false + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 1 + # -- Maximum number of replicas for the Argo Server [HPA] + maxReplicas: 5 + # -- Average CPU utilization percentage for the Argo Server [HPA] + targetCPUUtilizationPercentage: 50 + # -- Average memory utilization percentage for the Argo Server [HPA] + targetMemoryUtilizationPercentage: 50 + # -- Configures the scaling behavior of the target in both Up and Down directions. + # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 pdb: # -- Configure [Pod Disruption Budget] for the server pods enabled: false From d2853afc24766cee089c918dc0bd0ba77ca57e84 Mon Sep 17 00:00:00 2001 From: aniekgul <13356402+aniekgul@users.noreply.github.com> Date: Mon, 24 Apr 2023 10:40:40 -0400 Subject: [PATCH 139/356] feat(argo-rollouts): add service monitor relabeling configs (#1972) Signed-off-by: Aniek Gul <13356402+aniekgul@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 2 ++ .../templates/controller/servicemonitor.yaml | 8 ++++++++ charts/argo-rollouts/values.yaml | 4 ++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 376cd8ce1..895826e98 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.25.0 +version: 2.26.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Ability to provide additional volumes and volumeMounts + description: Ability to provide service monitor relabeling configs diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 56a798527..58784cf03 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -89,6 +89,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | | controller.pdb.enabled | bool | `false` | Deploy a [Pod Disruption Budget] for the controller | diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index f64dc3285..cb489e3b9 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -17,6 +17,14 @@ metadata: spec: endpoints: - port: metrics + {{- with .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 6 }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index e451602f2..28a6f1f81 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -116,6 +116,10 @@ controller: additionalLabels: {} # -- Annotations to be added to the ServiceMonitor additionalAnnotations: {} + # -- RelabelConfigs to apply to samples before scraping + relabelings: [] + # -- MetricRelabelConfigs to apply to samples before ingestion + metricRelabelings: [] # -- Configure liveness [probe] for the controller # @default -- See [values.yaml] From 00e585342a099fdc4435b816ba6b33b47424afbe Mon Sep 17 00:00:00 2001 From: Stefan Tertan Date: Mon, 24 Apr 2023 17:57:36 +0100 Subject: [PATCH 140/356] feat(argo-workflows): add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels (#1977) * feat(argo-workflows): add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels Signed-off-by: Stefan Tertan * chore(argo-workflows): bump Helm chart patch version Signed-off-by: Stefan Tertan * docs(argo-workflows): update README.md via `helm-docs` Signed-off-by: Stefan Tertan * chore(argo-workflows): update changelog via chart annotation Signed-off-by: Stefan Tertan * chore(argo-workflows): remove URLs from README Signed-off-by: Stefan Tertan --------- Signed-off-by: Stefan Tertan Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +++ .../workflow-controller-servicemonitor.yaml | 20 +++++++++++++++++++ charts/argo-workflows/values.yaml | 9 +++++++++ 4 files changed, 34 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index fe52da193..51e901cc6 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.0 +version: 0.25.1 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Add optional HPA for Argo Server + description: Add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 50bc7ce9e..d918b444b 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -153,13 +153,16 @@ Fields to note: | controller.logging.level | string | `"info"` | Set the logging level (one of: `debug`, `info`, `warn`, `error`) | | controller.metricsConfig.enabled | bool | `false` | Enables prometheus metrics server | | controller.metricsConfig.ignoreErrors | bool | `false` | Flag that instructs prometheus to ignore metric emission errors. | +| controller.metricsConfig.metricRelabelings | list | `[]` | ServiceMonitor metric relabel configs to apply to samples before ingestion | | controller.metricsConfig.metricsTTL | string | `""` | How often custom metrics are cleared from memory | | controller.metricsConfig.path | string | `"/metrics"` | Path is the path where metrics are emitted. Must start with a "/". | | controller.metricsConfig.port | int | `9090` | Port is the port where metrics are emitted | | controller.metricsConfig.portName | string | `"metrics"` | Container metrics port name | +| controller.metricsConfig.relabelings | list | `[]` | ServiceMonitor relabel configs to apply to samples before scraping | | controller.metricsConfig.secure | bool | `false` | Flag that use a self-signed cert for TLS | | controller.metricsConfig.servicePort | int | `8080` | Service metrics port | | controller.metricsConfig.servicePortName | string | `"metrics"` | Service metrics port name | +| controller.metricsConfig.targetLabels | list | `[]` | ServiceMonitor will add labels from the service to the Prometheus metric | | controller.name | string | `"workflow-controller"` | Workflow controller name string | | controller.namespaceParallelism | string | `nil` | Limits the maximum number of incomplete workflows in a namespace | | controller.navColor | string | `""` | Set ui navigation bar background color | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index 29fe1b59e..e5e8307fa 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -15,11 +15,31 @@ spec: - port: metrics path: {{ .Values.controller.metricsConfig.path }} interval: 30s + {{- with .Values.controller.metricsConfig.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metricsConfig.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} {{- if .Values.controller.telemetryConfig.enabled }} - port: telemetry path: {{ .Values.controller.telemetryConfig.path }} interval: 30s + {{- with .Values.controller.metricsConfig.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.metricsConfig.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.controller.metricsConfig.targetLabels }} + targetLabels: + {{- toYaml . | nindent 8 }} {{- end }} namespaceSelector: matchNames: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 2fd166b5c..7dddf89e6 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -111,6 +111,15 @@ controller: servicePort: 8080 # -- Service metrics port name servicePortName: metrics + # -- ServiceMonitor relabel configs to apply to samples before scraping + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + relabelings: [] + # -- ServiceMonitor metric relabel configs to apply to samples before ingestion + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint + metricRelabelings: [] + # -- ServiceMonitor will add labels from the service to the Prometheus metric + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitorspec + targetLabels: [] # -- the controller container's securityContext securityContext: readOnlyRootFilesystem: true From 086310f23701dff84067a077b987a779ec6cd5b1 Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Thu, 27 Apr 2023 21:49:02 +0900 Subject: [PATCH 141/356] fix(argocd-apps): Changed the project field of the applicationset from a tpl to str(#1978) (#1979) fix: Changed the project field of the applicationset from a tpl function to a string. Signed-off-by: tomoki-yamaguchi --- charts/argocd-apps/Chart.yaml | 6 ++-- .../ci/applicationsets-values.yaml | 29 +++++++++++++++++++ .../templates/applicationsets.yaml | 2 +- 3 files changed, 33 insertions(+), 4 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 2f7a6d5cc..c8e37b3b9 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 0.0.9 +version: 1.0.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -14,5 +14,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Multiple sources for Application and ApplicationSet + - kind: fixed + description: Changed the project field of the applicationset from a tpl function to a string. diff --git a/charts/argocd-apps/ci/applicationsets-values.yaml b/charts/argocd-apps/ci/applicationsets-values.yaml index 2258f422b..6142b1bb5 100644 --- a/charts/argocd-apps/ci/applicationsets-values.yaml +++ b/charts/argocd-apps/ci/applicationsets-values.yaml @@ -42,3 +42,32 @@ applicationsets: syncPolicy: # Set Application finalizer preserveResourcesOnDeletion: false +- name: applicationset-list-generator + generators: + - list: + elements: + - cluster: engineering-dev + url: https://kubernetes.default.svc + template: + metadata: {} + spec: + project: '{{cluster}}' + source: + targetRevision: HEAD + repoURL: https://github.com/argoproj/argo-cd.git + # New path value is generated here: + path: 'applicationset/examples/template-override/{{cluster}}-override' + destination: {} + template: + metadata: + name: '{{cluster}}-guestbook' + spec: + project: '{{cluster}}' + source: + repoURL: https://github.com/argoproj/argo-cd.git + targetRevision: HEAD + # This 'default' value is not used: it is is replaced by the generator's template path, above + path: applicationset/examples/template-override/default + destination: + server: '{{url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index aa7a3b791..bb8b09d1c 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -51,7 +51,7 @@ spec: {{- end }} {{- with .spec }} spec: - project: {{ tpl .project $ }} + project: {{ .project | squote }} {{- with .source }} source: {{- toYaml . | nindent 8 }} From bc4e00b836335731e4b78dd19e396992dfb068fe Mon Sep 17 00:00:00 2001 From: Tal Yitzhak Date: Fri, 28 Apr 2023 10:54:32 +0300 Subject: [PATCH 142/356] fix(argo-rollouts): Added missing permissions for argo rollouts dashboard cluster role (#1988) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 895826e98..bb95a9865 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.26.0 +version: 2.26.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Ability to provide service monitor relabeling configs + description: Missing permissions to leases under coordination api group diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 5f05d6e6e..0d69d67e4 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -71,4 +71,12 @@ rules: verbs: - list - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update {{- end }} From 5f807d903b89b3cc2daf02efb08a33b845f01e1f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 16:28:34 +0900 Subject: [PATCH 143/356] feat(argo-cd): Upgrade Argo CD to v2.7.0 (#1989) * chore(argo-cd): Upgrade Argo CD to v2.7.0 Signed-off-by: yu-croco * fix(argo-cd): collect syntax Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 +- .../templates/crds/crd-application.yaml | 333 +++++++ .../templates/crds/crd-applicationset.yaml | 811 ++++++++++++++++++ 3 files changed, 1148 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01aab8419..169a53299 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.6.7 +appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.1 +version: 5.30.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: fixed - description: Namespace field for some namespaced resources needs to be evaluated via helm root scope + - kind: changed + description: Upgrade Argo CD to v2.7.0 diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index ae0f7295f..5bb7bfb3e 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -310,6 +310,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -341,6 +345,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -572,6 +599,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -604,6 +636,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -950,6 +1005,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -980,6 +1039,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1203,6 +1285,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -1234,6 +1320,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1604,6 +1713,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1636,6 +1750,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1869,6 +2006,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1901,6 +2043,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2279,6 +2444,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2311,6 +2481,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2562,6 +2755,11 @@ spec: additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2594,6 +2792,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2945,6 +3166,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -2977,6 +3203,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3221,6 +3470,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3253,6 +3507,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3602,6 +3879,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -3634,6 +3916,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3878,6 +4183,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3910,6 +4220,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 434522422..f9bfde6c6 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -241,6 +241,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -257,6 +259,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -399,6 +418,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -415,6 +436,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -716,6 +754,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -732,6 +772,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -874,6 +931,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -890,6 +949,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1195,6 +1271,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1211,6 +1289,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1353,6 +1448,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1369,6 +1466,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1479,6 +1593,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -1648,6 +1764,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1664,6 +1782,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1806,6 +1941,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1822,6 +1959,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2131,6 +2285,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2147,6 +2303,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2289,6 +2462,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2305,6 +2480,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2606,6 +2798,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2622,6 +2816,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2764,6 +2975,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2780,6 +2993,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3085,6 +3315,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3101,6 +3333,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3243,6 +3492,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3259,6 +3510,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3369,6 +3637,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -3538,6 +3808,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3554,6 +3826,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3696,6 +3985,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3712,6 +4003,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4109,6 +4417,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4125,6 +4435,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4267,6 +4594,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4283,6 +4612,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4727,6 +5073,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4743,6 +5091,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4885,6 +5250,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4901,6 +5268,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5196,6 +5580,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5212,6 +5598,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5354,6 +5757,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5370,6 +5775,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5679,6 +6101,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5695,6 +6119,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5837,6 +6278,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5853,6 +6296,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6154,6 +6614,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6170,6 +6632,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6312,6 +6791,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6328,6 +6809,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6633,6 +7131,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6649,6 +7149,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6791,6 +7308,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6807,6 +7326,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6917,6 +7453,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -7086,6 +7624,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7102,6 +7642,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7244,6 +7801,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7260,6 +7819,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7657,6 +8233,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7673,6 +8251,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7815,6 +8410,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7831,6 +8428,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8275,6 +8889,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8291,6 +8907,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8433,6 +9066,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8449,6 +9084,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8748,6 +9400,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8764,6 +9418,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8906,6 +9577,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8922,6 +9595,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9316,6 +10006,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9332,6 +10024,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9474,6 +10183,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9490,6 +10201,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9934,6 +10662,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9950,6 +10680,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10092,6 +10839,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10108,6 +10857,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10236,6 +11002,13 @@ spec: type: array goTemplate: type: boolean + preservedFields: + properties: + annotations: + items: + type: string + type: array + type: object strategy: properties: rollingSync: @@ -10441,6 +11214,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10457,6 +11232,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10599,6 +11391,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10615,6 +11409,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object From b9fa30883b5dae8648b822f56ffb81a6f566653f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 19:28:13 +0900 Subject: [PATCH 144/356] chore(argo-cd): Upgrade Dex and Redis (#1990) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 ++++-- charts/argo-cd/README.md | 6 +++--- charts/argo-cd/values.yaml | 6 +++--- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 169a53299..675f66eda 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.30.0 +version: 5.30.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,6 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.0 + description: Upgrade Dex to v2.36.0 + - kind: changed + description: Upgrade Redis to v7.0.11 for avoiding CVE-2023-0464 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b90af7afa..254f25578 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -835,7 +835,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.3"` | Dex image tag | +| dex.image.tag | string | `"v2.36.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | @@ -921,7 +921,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -979,7 +979,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 32b9060c9..6702078eb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -915,7 +915,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.3 + tag: v2.36.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1141,7 +1141,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1384,7 +1384,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: From decfc73a3fb794c375bd5a3dbd798be8cdfe51cc Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 2 May 2023 21:29:30 +0900 Subject: [PATCH 145/356] feat(argo-cd): Use tini as the ENTRYPOINT (#1991) --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 8 ++++++-- charts/argo-cd/README.md.gotmpl | 6 ++++++ .../argocd-application-controller/statefulset.yaml | 4 ++-- .../templates/argocd-applicationset/deployment.yaml | 6 +----- .../templates/argocd-notifications/deployment.yaml | 4 ++-- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 8 ++------ charts/argo-cd/templates/argocd-server/deployment.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 8 -------- 10 files changed, 25 insertions(+), 33 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 675f66eda..2467144f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.30.1 +version: 5.31.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,6 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Upgrade Dex to v2.36.0 - - kind: changed - description: Upgrade Redis to v7.0.11 for avoiding CVE-2023-0464 + description: Use tini as the ENTRYPOINT diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 254f25578..f1f0845fc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -395,8 +400,6 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | -| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | -| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -1184,3 +1187,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 945bab728..92d7f354a 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -546,3 +551,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2a067a63f..c56bf0b33 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -51,8 +51,8 @@ spec: {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller - --metrics-port={{ .Values.controller.containerPorts.metrics }} {{- if .Values.controller.metrics.applicationLabels.enabled }} {{- range .Values.controller.metrics.applicationLabels.labels }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 90863cce6..9033f5b47 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -56,12 +56,8 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-applicationset-controller + - /usr/local/bin/argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 729e57dbb..d49944fdc 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -56,8 +56,8 @@ spec: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} - command: - - argocd-notifications + args: + - /usr/local/bin/argocd-notifications - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f5272bc20..0226b48fc 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -61,12 +61,8 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-repo-server + - /usr/local/bin/argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} @@ -284,7 +280,7 @@ spec: {{- end }} initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index aa7320e71..7ce72e800 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -58,8 +58,8 @@ spec: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} - command: - - argocd-server + args: + - /usr/local/bin/argocd-server - --port={{ .Values.server.containerPorts.server }} - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 8359a6a88..6ae171706 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -136,8 +136,8 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp + args: + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 6702078eb..afdaa0955 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -132,14 +132,6 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule - # POD entrypoint configuration - entrypoint: - # -- Implicitly use the docker image's entrypoint. This requires the image to have - # ENTRYPOINT set properly - useImplicit: false - # -- The entrypoint to use for the containers. - entrypoint: "entrypoint.sh" - # -- Deployment strategy for the all deployed Deployments deploymentStrategy: {} # type: RollingUpdate From bb4d3154e63c89939c732ef89e404f2cba2f03e9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 3 May 2023 18:48:03 +0900 Subject: [PATCH 146/356] chore(argo-cd): Update Argo CD to v2.7.1 (#1999) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 2467144f0..9d2226089 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.0 +appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.31.0 +version: 5.31.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: changed - description: Use tini as the ENTRYPOINT + description: Update Argo CD v2.7.1 From 513df3df8f7cd781fec944ea3699568831265507 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 09:13:41 -0500 Subject: [PATCH 147/356] fix(argo-workflows): Add missing argo-workflows.apiVersion.autoscaling helper function for HPA configuration (#2001) fix: Add missing argo-workflows.apiVersion.autoscaling helper function for HPA configuration Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/_helpers.tpl | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 51e901cc6..2d52acbdd 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.1 +version: 0.25.2 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Add Prometheus ServiceMonitor relabelings, metricRelabelings & targetLabels + - kind: fix + description: Add missing argo-workflows.apiVersion.autoscaling helper function used for HPA configuration diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 7719052d1..2fbcc708b 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -153,3 +153,16 @@ Return full image name including or excluding registry based on existence {{ .image.repository }} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for autoscaling +*/}} +{{- define "argo-workflows.apiVersion.autoscaling" -}} +{{- if .Values.apiVersionOverrides.autoscaling -}} +{{- print .Values.apiVersionOverrides.autoscaling -}} +{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- print "autoscaling/v2beta1" -}} +{{- else -}} +{{- print "autoscaling/v2" -}} +{{- end -}} +{{- end -}} From 2197c8e0402ab1074761af8d5f45825f0d59d4e1 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 09:30:53 -0500 Subject: [PATCH 148/356] fix(argo-workflows): Drop .Values.useDefaultArtifactRepo flag to simplify usage (#2002) Fixes #1140 - [x] remove `.Values.useDefaultArtifactRepo` to ensure if items populated they get into the configmap. - [x] change structure of `.Values.customArtifactRepository` to only include the custom information Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 3 +-- .../workflow-controller-config-map.yaml | 7 ++---- charts/argo-workflows/values.yaml | 22 ++++++++----------- 4 files changed, 14 insertions(+), 22 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 2d52acbdd..443bffb70 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.25.2 +version: 0.26.0 icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fix - description: Add missing argo-workflows.apiVersion.autoscaling helper function used for HPA configuration + description: Drop .Values.useDefaultArtifactRepo flag to simplify usage diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d918b444b..dae6972b8 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -308,8 +308,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | -| customArtifactRepository | object | `{}` | The section of custom artifact repository. Will be added to the config in case useDefaultArtifactRepo is set to false | -| useDefaultArtifactRepo | bool | `false` | Influences the creation of the ConfigMap for the workflow-controller itself. | +| customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | ## Breaking changes from the deprecated `argo` chart diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 7327ecac1..55720eb2c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -55,7 +55,6 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if .Values.useDefaultArtifactRepo }} artifactRepository: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} @@ -96,10 +95,8 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- else }} - {{- if .Values.customArtifactRepository }} - artifactRepository: {{- toYaml .Values.customArtifactRepository | nindent 6 }} - {{- end }} + {{- if .Values.customArtifactRepository }} + {{- toYaml .Values.customArtifactRepository | nindent 6 }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 7dddf89e6..c1c0229e2 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -639,8 +639,6 @@ extraObjects: [] # secretName: argo-server-sso-secrets-store # type: Opaque -# -- Influences the creation of the ConfigMap for the workflow-controller itself. -useDefaultArtifactRepo: false # -- Use static credentials for S3 (eg. when not using AWS IRSA) useStaticCredentials: true artifactRepository: @@ -702,18 +700,16 @@ artifactRepository: # key: account-access-key # -- The section of custom artifact repository. -# Will be added to the config in case useDefaultArtifactRepo is set to false +# Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) customArtifactRepository: {} -# customArtifactRepository: -# archiveLogs: true -# artifactory: -# repoUrl: https://artifactory.example.com/raw -# usernameSecret: -# name: artifactory-creds -# key: username -# passwordSecret: -# name: artifactory-creds -# key: password +# artifactory: +# repoUrl: https://artifactory.example.com/raw +# usernameSecret: +# name: artifactory-creds +# key: username +# passwordSecret: +# name: artifactory-creds +# key: password emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. From e980b71b83c037c6e8503413aeeff27aedc48ebd Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Fri, 5 May 2023 22:19:18 +0200 Subject: [PATCH 149/356] feat(argo-cd): allow extraObjects to contain string template (#1993) [argo-cd] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9d2226089..759449169 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.31.1 +version: 5.32.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -23,5 +23,5 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - kind: changed - description: Update Argo CD v2.7.1 + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-cd/templates/extra-manifests.yaml +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 71462b7f6d29c68cb5b39ddc57e3e4daf416867a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 5 May 2023 22:21:46 +0200 Subject: [PATCH 150/356] feat(github): Add OpenSSF Scorecard action (#2009) Signed-off-by: Marco Kilchhofer Co-authored-by: Marko Bevc --- .github/workflows/scorecard.yml | 72 +++++++++++++++++++++++++++++++++ README.md | 1 + 2 files changed, 73 insertions(+) create mode 100644 .github/workflows/scorecard.yml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml new file mode 100644 index 000000000..c5ec11595 --- /dev/null +++ b/.github/workflows/scorecard.yml @@ -0,0 +1,72 @@ +# This workflow uses actions that are not certified by GitHub. They are provided +# by a third-party and are governed by separate terms of service, privacy +# policy, and support documentation. + +name: Scorecard supply-chain security +on: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '21 6 * * 6' + push: + branches: [ "main" ] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecard analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + # Uncomment the permissions below if installing in a private repository. + # contents: read + # actions: read + + steps: + - name: "Checkout code" + uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + with: + results_file: results.sarif + results_format: sarif + # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: + # - you want to enable the Branch-Protection check on a *public* repository, or + # - you are installing Scorecard on a *private* repository + # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. + repo_token: ${{ secrets.SCORECARD_TOKEN }} + + # Public repositories: + # - Publish results to OpenSSF REST API for easy access by consumers + # - Allows the repository to include the Scorecard badge. + # - See https://github.com/ossf/scorecard-action#publishing-results. + # For private repositories: + # - `publish_results` will always be set to `false`, regardless + # of the value entered here. + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard. + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + with: + sarif_file: results.sarif diff --git a/README.md b/README.md index ac71eb3ef..e8544439a 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ [![Chart Publish](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml/badge.svg?branch=main)](https://github.com/argoproj/argo-helm/actions/workflows/publish.yml) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: From fe901f4dfb786c45a0d6a022e8a731b0564db70e Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 5 May 2023 15:23:04 -0500 Subject: [PATCH 151/356] chore(github): Update repo files (#2006) - [x] DELETE OWNERS file, not parsed, only used for bookkeeping, CODEOWNERS does this - [x] update CODEOWNERS to people who have committed in the last year - [x] create EMERITUS.md to list former CODEOWNERS and thank them for their contribution - [x] create SECURITY.md so people know how to report security issues - [x] turn on private vulnerability reporting in the repository - [x] create CODE_OF_CONDUCT.md linking to CNCF code of conduct By adding a code of conduct and security file we can set our Community Standards to 100% [here](https://github.com/argoproj/argo-helm/community) Signed-off-by: jmeridth Co-authored-by: Marko Bevc --- CODEOWNERS | 14 ++++++-------- CODE_OF_CONDUCT.md | 9 +++++++++ EMERITUS.md | 12 ++++++++++++ OWNERS | 9 --------- SECURITY.md | 21 +++++++++++++++++++++ 5 files changed, 48 insertions(+), 17 deletions(-) create mode 100644 CODE_OF_CONDUCT.md create mode 100644 EMERITUS.md delete mode 100644 OWNERS create mode 100644 SECURITY.md diff --git a/CODEOWNERS b/CODEOWNERS index aea8942f7..bd5df3d06 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,16 +1,14 @@ -# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners - -# Other and new charts -/charts/ @oliverbaehler +# All +* @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @stefansedich @paguos @vladlosev @yann-soubeyrand @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @yann-soubeyrand @jmeridth @yu-croco # Argo CD -/charts/argo-cd/ @davidkarlsen @mr-sour @yann-soubeyrand @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil +/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil # Argo Events -/charts/argo-events/ @jbehling @VaibhavPage @pdrastil +/charts/argo-events/ @pdrastil @jmeridth # Argo Rollouts -/charts/argo-rollouts/ +/charts/argo-rollouts/ @jmeridth diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..37789a9d0 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,9 @@ +# Code of Conduct + +We adhere to the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). Please reference the link for details. + +## TL;DR (too long didn't read) + +Be kind + +Your participation is at the discression of the maintainers of this project. diff --git a/EMERITUS.md b/EMERITUS.md new file mode 100644 index 000000000..2c2996902 --- /dev/null +++ b/EMERITUS.md @@ -0,0 +1,12 @@ +# Emeritus Approvers + +These are the people who have been approvers in the past, and have since retired from the role. + +We thank them for their service to the project. + +* @oliverbaehler +* @stefansedich +* @paguos +* @yann-soubeyrand +* @davidkarlsen +* @jbehling diff --git a/OWNERS b/OWNERS deleted file mode 100644 index e393c5ba6..000000000 --- a/OWNERS +++ /dev/null @@ -1,9 +0,0 @@ -owners: -- alexec -- alexmt -- jessesuen - -approvers: -- alexec -- alexmt -- jessesuen diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..7c30259c2 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions and Upstream Reporting + +Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue. + +* [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) +* [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) +* [Security Policy for Argo Rollouts](https://github.com/argoproj/argo-rollouts/blob/master/docs/security.md) +* [Security Policy for Argo CD](https://github.com/argoproj/argo-cd/blob/master/SECURITY.md) +* [Security Policy for Argo CD Image Updater](https://github.com/argoproj-labs/argocd-image-updater/blob/master/SECURITY.md) + +## Reporting a Vulnerability for Argo Helm Charts + +We have enabled the ability to privately report security issues through the Security tab above. + +[Here are the details on how to file](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) on how to do that + +A repository owner/maintainer will respond as fast as possible to coordinate confirmation of issue and remediation. + +Thank you for helping to ensure this code stays secure. From 15ade97f88757218ec3ec1f7add96f2526179edd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 05:17:19 -0500 Subject: [PATCH 152/356] chore(github): Add deps pr title scope for dependabot PRs (#2013) Signed-off-by: jmeridth --- .github/workflows/pr-title.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index a636b08bd..f72814434 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -31,6 +31,7 @@ jobs: argo-workflows argocd-image-updater argocd-apps + deps github # Configure that a scope must always be provided. requireScope: true From 2762902b1fc4d3217db257db146ca4d9e99acbe9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:23:23 +0900 Subject: [PATCH 153/356] chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 (#2012) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/3cea5372237819ed00197afe530f5a7ea3e805c8...0b7f8abb1508181956e8e162db84b466c27e18ce) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c5ec11595..2ab79857e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 with: name: SARIF file path: results.sarif From 0b965f93572534ae8cf1d8f6f540a62673dc34d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:27:47 +0900 Subject: [PATCH 154/356] chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#2011) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...80e868c13c90f172d68d1f4501dee99e2479f7af) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 2ab79857e..99fb29455 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 with: results_file: results.sarif results_format: sarif From 6cf01708d36fe7d7bf997a2f77425763bceaf31d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 May 2023 19:35:03 +0900 Subject: [PATCH 155/356] chore(deps): bump github/codeql-action from 2.2.4 to 2.3.3 (#2010) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.3.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...29b1f65c5e92e24fe6b6647da1eaabe529cec70f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 99fb29455..66e1d5ee9 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3 with: sarif_file: results.sarif From 430aaea83c06e08e88c7d479d02252822fcf5520 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Sat, 6 May 2023 13:18:22 +0200 Subject: [PATCH 156/356] feat(argo-events): allow extraObjects to contain string template (#1994) [argo-event] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Co-authored-by: Jason Meridth --- charts/argo-events/Chart.yaml | 6 +++--- charts/argo-events/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index a9f379e72..2adfec2b8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.2.0 +version: 2.3.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-events/assets/logo.png keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-events/templates/extra-manifests.yaml b/charts/argo-events/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-events/templates/extra-manifests.yaml +++ b/charts/argo-events/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 80d5a6a65d309385a442a5d523f7a5d023390f32 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Sat, 6 May 2023 13:31:50 +0200 Subject: [PATCH 157/356] feat(argo-rollouts): allow extraObjects to contain string template (#1996) [argo-event] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index bb95a9865..46ca6ba73 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.4.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.26.1 +version: 2.27.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -16,4 +16,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: added - description: Missing permissions to leases under coordination api group + description: Allow extraObjects to contain string templates diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From f40c1d81ca379f93ca19726639444a94a07c8e7d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 08:18:37 -0500 Subject: [PATCH 158/356] fix(github): fix error in codeowners file and update README about security (#2015) This is a follow-up of #2006. We cleared out users who have not contributed in the last year and moved them to EMERITUS.md We also created SECURITY.md Signed-off-by: jmeridth --- CODEOWNERS | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index bd5df3d06..9b0a95c5a 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,7 +2,7 @@ * @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @vladlosev @yann-soubeyrand @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco # Argo CD /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil diff --git a/README.md b/README.md index e8544439a..b29bb3d13 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ kubectl apply -k "https://github.com/argoproj/argo-cd/manifests/crds?ref=v2.4.9" ### Security Policy -If you have a security concern relating to either this project repo or an individual helm chart, please [open an issue](https://github.com/argoproj/argo-helm/issues/new/choose) or [start a discussion](https://github.com/argoproj/argo-helm/discussions/new). +Please refer to [SECURITY.md](SECURITY.md) for details on how to report security issues. ### Changelog From 5cff9158985f9daa8eb7f00719bba532d0e4aea6 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sat, 6 May 2023 11:20:18 -0500 Subject: [PATCH 159/356] fix(argo-workflows): change chart icon to match other charts (#2018) fix(argo-workflows): change chart image to match other charts This will make the charts all look nice when you go to https://artifacthub.io/packages/search?repo=argo&sort=relevance&page=1 Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 443bffb70..3eb787b82 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,8 +3,8 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.0 -icon: https://raw.githubusercontent.com/argoproj/argo-workflows/master/docs/assets/argo.png +version: 0.26.1 +icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: - https://github.com/argoproj/argo-workflows @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: fix - description: Drop .Values.useDefaultArtifactRepo flag to simplify usage + - kind: chore + description: Update Chart icon From 2a480226c43b3656a15b4a9691d76f791903c385 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 7 May 2023 09:18:39 -0500 Subject: [PATCH 160/356] chore(argo-events): Update chart icon to standard image (#2020) This will make the charts all look nice when you go to https://artifacthub.io/packages/search?repo=argo&sort=relevance&page=1 Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index 2adfec2b8..b763af570 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.0 +version: 2.3.1 home: https://github.com/argoproj/argo-helm -icon: https://argoproj.github.io/argo-events/assets/logo.png +icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: - argoproj - argo-events @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: added - description: Allow extraObjects to contain string templates + - kind: chore + description: Update chart icon From ebae3d2462f754fac64bde0d88901c3451ae84dd Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sun, 7 May 2023 16:57:01 +0200 Subject: [PATCH 161/356] chore(deps): Pin all workflow deps (#2021) --- .github/workflows/lint-and-test.yml | 10 +++++----- .github/workflows/pr-sizing.yml | 4 ++-- .github/workflows/pr-title.yml | 2 +- .github/workflows/publish.yml | 6 +++--- .github/workflows/stale.yml | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 97684b86d..1f75294af 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -10,23 +10,23 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 with: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@v4 + uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 with: python-version: 3.9 - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@v2.4.0 + uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 with: # Note: Also update in scripts/lint.sh version: v3.7.1 @@ -58,7 +58,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@v1.5.0 + uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index bcdfc4408..fa9c4c976 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -12,7 +12,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" @@ -22,6 +22,6 @@ jobs: runs-on: ubuntu-latest steps: - name: size-label - uses: "pascalgn/size-label-action@v0.4.3" + uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3" env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index f72814434..2d45de124 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v5 + - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index cb56596bc..e104fde25 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,12 +15,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 with: version: v3.10.1 # Also update in lint-and-test.yaml @@ -39,7 +39,7 @@ jobs: git checkout origin/gh-pages index.yaml - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.5.0 + uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: config: "./.github/configs/cr.yaml" env: diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 9b4053bb7..b0356dc79 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs runs-on: ubuntu-latest steps: - - uses: actions/stale@v8 + - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Number of days of inactivity before an issue becomes stale From a99b021f153c793a2f0b66eff483c756a41cfa39 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Mon, 8 May 2023 02:39:28 +0200 Subject: [PATCH 162/356] fix(github): Remove quotes in `uses` statement (#2022) Signed-off-by: Marco Kilchhofer --- .github/workflows/pr-sizing.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index fa9c4c976..f75d7f82b 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -1,8 +1,12 @@ ## Reference: https://github.com/pascalgn/size-label-action name: 'PR Labeling' + on: pull_request_target: - types: [opened, synchronize, reopened] + types: + - opened + - synchronize + - reopened permissions: contents: read @@ -21,7 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - name: size-label - uses: "pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3" + - uses: pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 9d108349099d75bb4b8ef017a7cdae93b033c68d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 8 May 2023 20:22:52 +0900 Subject: [PATCH 163/356] feat(argo-cd): Enable to customize Service type of applicationset-controller (#2014) chore(argo-cd): Enable to customize Service type of applicationset-controller Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-applicationset/service.yaml | 1 + charts/argo-cd/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 759449169..dd40f29b9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.0 +version: 5.32.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: added - description: Allow extraObjects to contain string templates + description: Enable to customize Service type of applicationset-controller diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f1f0845fc..054dc2f9c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1079,6 +1079,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | | applicationSet.service.port | int | `7000` | ApplicationSet service port | | applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name | +| applicationSet.service.type | string | `"ClusterIP"` | ApplicationSet service type | | applicationSet.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | applicationSet.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | diff --git a/charts/argo-cd/templates/argocd-applicationset/service.yaml b/charts/argo-cd/templates/argocd-applicationset/service.yaml index 640b195a7..e3a07b6f5 100644 --- a/charts/argo-cd/templates/argocd-applicationset/service.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml @@ -16,6 +16,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + type: {{ .Values.applicationSet.service.type }} ports: - name: {{ .Values.applicationSet.service.portName }} port: {{ .Values.applicationSet.service.port }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index afdaa0955..3f95a663d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2432,6 +2432,8 @@ applicationSet: annotations: {} # -- ApplicationSet service labels labels: {} + # -- ApplicationSet service type + type: ClusterIP # -- ApplicationSet service port port: 7000 # -- ApplicationSet service port name From 24089bdd384283e51c87046a589fda7522339b0b Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 15:02:25 -0500 Subject: [PATCH 164/356] fix(argo-workflows): use correct artifacthub annotation kind (#2031) This is to get latest argo-workflows chart version out to artifacthub. Can't get the previous ones that had incorrect kinds. #2030 adds linting so this doesn't happen again. Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3eb787b82..11bdb8edf 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.1 +version: 0.26.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -13,5 +13,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: chore - description: Update Chart icon + - kind: fixed + description: Use correct artifacthub kind and get latest chart version to artifacthub From 442fa22edcd5f980b2b4297d0d2d1bad1f820b2a Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 19:38:23 -0500 Subject: [PATCH 165/356] fix(argo-events): use correct artifacthub annotation kind (#2032) This is to get latest argo-workflows chart version out to artifacthub. Can't get the previous ones that had incorrect kinds. argoproj#2030 adds linting so this doesn't happen again. Will merge after argo-workflows and argo-events charts are fixed. Signed-off-by: jmeridth Co-authored-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index b763af570..d6ce3465a 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.1 +version: 2.3.2 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -15,5 +15,5 @@ maintainers: url: https://argoproj.github.io/ annotations: artifacthub.io/changes: | - - kind: chore - description: Update chart icon + - kind: fixed + description: Use correct artifacthub kind and get latest chart version to artifacthub From 395abc5435724684db43e2c99f4ec8ed859c0b90 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 8 May 2023 21:22:34 -0500 Subject: [PATCH 166/356] feat(github): add artifacthub linting (#2030) This will help us ensure we use correct notation in our artifacthub annotations Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 1f75294af..90106fc90 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -6,6 +6,18 @@ permissions: contents: read jobs: + linter-artifacthub: + runs-on: ubuntu-latest + container: + image: public.ecr.aws/artifacthub/ah:v1.14.0 + options: --user 1001 + steps: + - name: Checkout + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - name: Run ah lint + working-directory: ./charts + run: ah lint + chart-test: runs-on: ubuntu-latest steps: From c8b47cf060b2ba6da64d4eb9e1f081472d70a371 Mon Sep 17 00:00:00 2001 From: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> Date: Tue, 9 May 2023 13:41:54 +1000 Subject: [PATCH 167/356] fix(argo-workflows): Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion (#2029) * add a fix for argo workflows hpa Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * add description for the fix Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * update readme Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * remove apiVersionOverrides from readme Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> * fix linting Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> --------- Signed-off-by: ryanpark0203 <108246291+ryanpark0203@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 2 +- .../templates/server/server-deployment-hpa.yaml | 2 +- charts/argo-workflows/values.yaml | 5 +++++ 5 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 11bdb8edf..ae171a11f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.2 +version: 0.26.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: Use correct artifacthub kind and get latest chart version to artifacthub + description: Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index dae6972b8..1dbfc155c 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -101,6 +101,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 2fbcc708b..f302f0da2 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -160,7 +160,7 @@ Return the appropriate apiVersion for autoscaling {{- define "argo-workflows.apiVersion.autoscaling" -}} {{- if .Values.apiVersionOverrides.autoscaling -}} {{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} +{{- else if semverCompare "<1.23-0" (include "argo-workflows.kubeVersion" .) -}} {{- print "autoscaling/v2beta1" -}} {{- else -}} {{- print "autoscaling/v2" -}} diff --git a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml index ebc45925e..9194bbd9d 100644 --- a/charts/argo-workflows/templates/server/server-deployment-hpa.yaml +++ b/charts/argo-workflows/templates/server/server-deployment-hpa.yaml @@ -1,5 +1,5 @@ {{- if and .Values.server.enabled .Values.server.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 +apiVersion: {{ include "argo-workflows.apiVersion.autoscaling" . }} kind: HorizontalPodAutoscaler metadata: name: {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index c1c0229e2..e7e268a07 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -29,6 +29,11 @@ fullnameOverride: # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" +# Override APIVersions +apiVersionOverrides: + # -- String to override apiVersion of autoscaling rendered by this helm chart + autoscaling: "" # autoscaling/v2 + # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster # equivalents, and start workflow-controller with the --namespaced flag. Use it From cc64b0c9f51b85ec64f23582ee53167ff4abc4d1 Mon Sep 17 00:00:00 2001 From: PidgeyBE Date: Wed, 10 May 2023 12:16:14 +0200 Subject: [PATCH 168/356] fix(argo-workflows): fix clusterworkflowtemplates disabled flag (#2033) * fix clusterworkflowtemplates disabled flag Signed-off-by: Peejai * Bump chart version and add artifacthub changes Signed-off-by: Peejai --------- Signed-off-by: Peejai Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 ++-- .../templates/crds/argoproj.io_clusterworkflowtemplates.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ae171a11f..0933c3d50 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.3 +version: 0.26.4 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -14,4 +14,4 @@ maintainers: annotations: artifacthub.io/changes: | - kind: fixed - description: Fix Helm chart to correctly reference Kubernetes version in conditional check for HPA apiVersion + description: Create clusterWorkflowTemplates CRD only when enabled in Helm values. diff --git a/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml index 7f767b24d..9264eaba6 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_clusterworkflowtemplates.yaml @@ -1,4 +1,5 @@ {{- if .Values.crds.install }} +{{- if or (.Values.server.clusterWorkflowTemplates.enabled) (.Values.controller.clusterWorkflowTemplates.enabled) }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -43,3 +44,4 @@ spec: served: true storage: true {{- end }} +{{- end }} From 07aa087a1942aac79dc04ec41a25a9c2b094ac4b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 15:06:56 +0200 Subject: [PATCH 169/356] feat(github): Introduce chart signing (#2040) Signed-off-by: Marco Kilchhofer --- .github/configs/cr.yaml | 8 +++++++- .github/workflows/publish.yml | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml index 01fdbe0ce..a0d425dca 100644 --- a/.github/configs/cr.yaml +++ b/.github/configs/cr.yaml @@ -1,2 +1,8 @@ ## Reference: https://github.com/helm/chart-releaser -index-path: "./index.yaml" \ No newline at end of file +index-path: "./index.yaml" + +# PGP signing +sign: true +key: Argo Helm maintainers +# keyring: # Set via env variable CR_KEYRING +# passphrase-file: # Set via env variable CR_PASSPHRASE_FILE diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index e104fde25..58d7d22d5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -38,6 +38,22 @@ jobs: run: | git checkout origin/gh-pages index.yaml + # The GitHub repository secret `PGP_PRIVATE_KEY` contains the private key + # in ASCII-armored format. To export a (new) key, run this command: + # `gpg --armor --export-secret-key ` + - name: Prepare PGP key + run: | + IFS="" + echo "$PGP_PRIVATE_KEY" | gpg --dearmor > $HOME/secring.gpg + echo "$PGP_PASSPHRASE" > $HOME/passphrase.txt + + # Tell chart-releaser-action where to find the key and its passphrase + echo "CR_KEYRING=$HOME/secring.gpg" >> "$GITHUB_ENV" + echo "CR_PASSPHRASE_FILE=$HOME/passphrase.txt" >> "$GITHUB_ENV" + env: + PGP_PRIVATE_KEY: "${{ secrets.PGP_PRIVATE_KEY }}" + PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" + - name: Run chart-releaser uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: From 8c295d3344dd4c09ef9c8f7b7d8e32b94250ef0b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 15:49:32 +0200 Subject: [PATCH 170/356] feat(argo-cd): Introduce chart signing (#2042) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dd40f29b9..12a1f5f07 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.1 +version: 5.32.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -22,6 +22,9 @@ dependencies: repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Enable to customize Service type of applicationset-controller + description: Introduce chart signing From 887f68adb1d8ab3f2a767c99a3f46618faee112b Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 16:20:51 +0200 Subject: [PATCH 171/356] feat(argo-workflows): Introduce chart signing (#2044) Signed-off-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0933c3d50..066adfa0a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.4 +version: 0.26.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -12,6 +12,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Create clusterWorkflowTemplates CRD only when enabled in Helm values. + - kind: added + description: Introduce chart signing From 2bd14d38b014ad1d45029c0990605d38eca960df Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Wed, 10 May 2023 15:30:17 +0100 Subject: [PATCH 172/356] chore(github): Add tico24 to codeowners (#2047) Signed-off-by: Tim Collins Co-authored-by: Aikawa --- CODEOWNERS | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 9b0a95c5a..f7432a773 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,13 +2,13 @@ * @mkilchhofer @jmeridth # Argo Workflows -/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco +/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 # Argo CD -/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil +/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 # Argo Events -/charts/argo-events/ @pdrastil @jmeridth +/charts/argo-events/ @pdrastil @jmeridth @tico24 # Argo Rollouts /charts/argo-rollouts/ @jmeridth From 083f42cdd67ab03c4e45f98b8365ebd291b27318 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 11 May 2023 00:30:57 +0900 Subject: [PATCH 173/356] feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.0 (#2039) * feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.0 Signed-off-by: yu-croco * feat(argo-rollouts): Add missing configmap for 3rd party metrics providers Signed-off-by: yu-croco * feat: Add signing information Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 11 ++- charts/argo-rollouts/README.md | 1 + .../templates/controller/configmap.yaml | 12 +++ .../templates/crds/analysis-run-crd.yaml | 70 +++++++++++++++++ .../templates/crds/analysis-template-crd.yaml | 70 +++++++++++++++++ .../crds/cluster-analysis-template-crd.yaml | 70 +++++++++++++++++ .../templates/crds/experiment-crd.yaml | 14 ++++ .../templates/crds/rollout-crd.yaml | 78 ++++++++++++++++++- charts/argo-rollouts/values.yaml | 7 ++ 9 files changed, 328 insertions(+), 5 deletions(-) create mode 100644 charts/argo-rollouts/templates/controller/configmap.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 46ca6ba73..ecdcbb391 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.4.1 +appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.27.0 +version: 2.28.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -14,6 +14,11 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Upgrade Argo Rollouts to v1.5.0 - kind: added - description: Allow extraObjects to contain string templates + description: Introduce chart signing diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 58784cf03..aaed870fd 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -85,6 +85,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.image.tag | string | `""` | Overrides the image tag (default is the chart appVersion) | | controller.initContainers | list | `[]` | Init containers to add to the rollouts controller pod | | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | +| controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml new file mode 100644 index 000000000..8eb2bbe2a --- /dev/null +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: argo-rollouts-config + namespace: {{ .Release.Namespace | quote }} + labels: + app.kubernetes.io/component: {{ .Values.controller.component }} + {{- include "argo-rollouts.labels" . | nindent 4 }} +data: + {{- with .Values.controller.metricProviderPlugins }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 70187985c..bc2e61dbc 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -188,6 +188,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -240,6 +242,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1832,6 +1879,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2579,12 +2628,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2710,6 +2768,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2717,6 +2778,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index c28461860..2c73c5c96 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -184,6 +184,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -236,6 +238,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1828,6 +1875,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2575,12 +2624,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2706,6 +2764,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2713,6 +2774,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index a00f68fe0..612608de4 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -184,6 +184,8 @@ spec: type: object datadog: properties: + apiVersion: + type: string interval: type: string query: @@ -236,6 +238,51 @@ spec: parallelism: format: int32 type: integer + podFailurePolicy: + properties: + rules: + items: + properties: + action: + type: string + onExitCodes: + properties: + containerName: + type: string + operator: + type: string + values: + items: + format: int32 + type: integer + type: array + x-kubernetes-list-type: set + required: + - operator + - values + type: object + onPodConditions: + items: + properties: + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-type: atomic + required: + - action + - onPodConditions + type: object + type: array + x-kubernetes-list-type: atomic + required: + - rules + type: object selector: properties: matchExpressions: @@ -1828,6 +1875,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2575,12 +2624,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -2706,6 +2764,9 @@ spec: required: - query type: object + plugin: + type: object + x-kubernetes-preserve-unknown-fields: true prometheus: properties: address: @@ -2713,6 +2774,15 @@ spec: query: type: string type: object + skywalking: + properties: + address: + type: string + interval: + type: string + query: + type: string + type: object wavefront: properties: address: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index 86af19320..acf989351 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -159,6 +159,9 @@ spec: type: object type: object service: + properties: + name: + type: string type: object template: properties: @@ -1727,6 +1730,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -2474,12 +2479,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 3f6ea7496..0fafbab35 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -163,6 +163,17 @@ spec: x-kubernetes-int-or-string: true postPromotionAnalysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -220,6 +231,17 @@ spec: type: object prePromotionAnalysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -307,6 +329,17 @@ spec: type: integer analysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -440,6 +473,17 @@ spec: properties: analysis: properties: + analysisRunMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object args: items: properties: @@ -580,6 +624,11 @@ spec: type: string type: object type: object + service: + properties: + name: + type: string + type: object specRef: type: string weight: @@ -869,9 +918,14 @@ spec: type: string stableIngress: type: string - required: - - stableIngress + stableIngresses: + items: + type: string + type: array + type: object + plugins: type: object + x-kubernetes-preserve-unknown-fields: true smi: properties: rootService: @@ -2456,6 +2510,8 @@ spec: type: boolean hostPID: type: boolean + hostUsers: + type: boolean hostname: type: string imagePullSecrets: @@ -3203,12 +3259,21 @@ spec: type: string type: object type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic maxSkew: format: int32 type: integer minDomains: format: int32 type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string topologyKey: type: string whenUnsatisfiable: @@ -3257,30 +3322,39 @@ spec: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object loadBalancer: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object stableTargetGroup: properties: arn: type: string + fullName: + type: string name: type: string required: - arn + - fullName - name type: object type: object diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 28a6f1f81..d1c91e30e 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -169,6 +169,13 @@ controller: # - mountPath: /etc/ssl/certs # name: my-certs + # -- Configures 3rd party metric providers for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/analysis/plugins/ + metricProviderPlugins: {} + # metricProviderPlugins: |- + # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + serviceAccount: # -- Specifies whether a service account should be created create: true From a487e177845c686f633b31b249e7dc7722aad8ad Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 17:45:46 +0200 Subject: [PATCH 174/356] feat(argo-events): Introduce chart signing (#2043) Signed-off-by: Marco Kilchhofer --- charts/argo-events/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index d6ce3465a..c35d0f960 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.7.6 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.2 +version: 2.3.3 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -14,6 +14,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Use correct artifacthub kind and get latest chart version to artifacthub + - kind: added + description: Introduce chart signing From fc47f9baa6613ff747fda14cca0847f9b3e8b716 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 18:46:04 +0200 Subject: [PATCH 175/356] feat(argocd-image-updater): Introduce chart signing (#2046) Signed-off-by: Marco Kilchhofer --- charts/argocd-image-updater/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argocd-image-updater/Chart.yaml b/charts/argocd-image-updater/Chart.yaml index d6ec30ef3..665f4badc 100644 --- a/charts/argocd-image-updater/Chart.yaml +++ b/charts/argocd-image-updater/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-image-updater description: A Helm chart for Argo CD Image Updater, a tool to automatically update the container images of Kubernetes workloads which are managed by Argo CD type: application -version: 0.9.0 +version: 0.9.1 appVersion: v0.12.2 home: https://github.com/argoproj-labs/argocd-image-updater icon: https://argocd-image-updater.readthedocs.io/en/stable/assets/logo.png @@ -14,6 +14,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: add namespace field for namespace scoped resources + - kind: added + description: Introduce chart signing From b37a9e72a68d8fafe3cddd14cf2b3ed6722eff4a Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Wed, 10 May 2023 18:57:43 +0200 Subject: [PATCH 176/356] feat(argocd-apps): Introduce chart signing (#2045) Signed-off-by: Marco Kilchhofer Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index c8e37b3b9..0c55671d3 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.0.0 +version: 1.0.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -13,6 +13,9 @@ maintainers: - name: argoproj url: https://argoproj.github.io/ annotations: + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Changed the project field of the applicationset from a tpl function to a string. + - kind: added + description: Introduce chart signing From f6d44750b8ecf25e272b22dd78950e3ad43e0ffd Mon Sep 17 00:00:00 2001 From: PidgeyBE Date: Thu, 11 May 2023 02:09:33 +0200 Subject: [PATCH 177/356] fix(argo-workflows): Fix templating in several places (#2026) * Add artifacthub changes Signed-off-by: Peejai * fix templating list of yamls Signed-off-by: Peejai * Bump version and fix templating for gcs and azure as well Signed-off-by: Peejai --------- Signed-off-by: Peejai Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- .../workflow-controller-config-map.yaml | 20 +++++++++---------- .../workflow-controller-deployment.yaml | 2 +- .../templates/server/server-deployment.yaml | 2 +- charts/argo-workflows/values.yaml | 4 ++-- 5 files changed, 17 insertions(+), 17 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 066adfa0a..3217d8e4b 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.5 +version: 0.26.6 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Introduce chart signing + - kind: fixed + description: Fix Helm templating in S3 config and extra init containers diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 55720eb2c..d30db859c 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -60,29 +60,29 @@ data: archiveLogs: {{ .Values.artifactRepository.archiveLogs }} {{- end }} {{- with .Values.artifactRepository.gcs }} - gcs: {{- toYaml . | nindent 8 }} + gcs: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} {{- with .Values.artifactRepository.azure }} - azure: {{- toYaml . | nindent 8 }} + azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: - key: {{ .Values.artifactRepository.s3.accessKeySecret.key }} - name: {{ .Values.artifactRepository.s3.accessKeySecret.name }} + key: {{ tpl .Values.artifactRepository.s3.accessKeySecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.accessKeySecret.name . }} secretKeySecret: - key: {{ .Values.artifactRepository.s3.secretKeySecret.key }} - name: {{ .Values.artifactRepository.s3.secretKeySecret.name }} + key: {{ tpl .Values.artifactRepository.s3.secretKeySecret.key . }} + name: {{ tpl .Values.artifactRepository.s3.secretKeySecret.name . }} {{- end }} - bucket: {{ .Values.artifactRepository.s3.bucket }} - endpoint: {{ .Values.artifactRepository.s3.endpoint }} + bucket: {{ tpl (.Values.artifactRepository.s3.bucket | default "") . }} + endpoint: {{ tpl (.Values.artifactRepository.s3.endpoint | default "") . }} insecure: {{ .Values.artifactRepository.s3.insecure }} {{- if .Values.artifactRepository.s3.keyFormat }} keyFormat: {{ .Values.artifactRepository.s3.keyFormat | quote }} {{- end }} {{- if .Values.artifactRepository.s3.region }} - region: {{ .Values.artifactRepository.s3.region }} + region: {{ tpl .Values.artifactRepository.s3.region $ }} {{- end }} {{- if .Values.artifactRepository.s3.roleARN }} roleARN: {{ .Values.artifactRepository.s3.roleARN }} @@ -184,4 +184,4 @@ data: {{- end }} {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} - {{- end }} + {{- end }} \ No newline at end of file diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 4ee117b8b..c391bee80 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -35,7 +35,7 @@ spec: {{- end }} {{- with .Values.controller.extraInitContainers }} initContainers: - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: controller diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index d75933ac2..b2e509677 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -38,7 +38,7 @@ spec: {{- end }} {{- with .Values.server.extraInitContainers }} initContainers: - {{- toYaml . | nindent 8 }} + {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} containers: - name: argo-server diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index e7e268a07..0e5af428f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -655,10 +655,10 @@ artifactRepository: # Note the `key` attribute is not the actual secret, it's the PATH to # the contents in the associated secret, as defined by the `name` attribute. accessKeySecret: - # name: -minio + name: "{{ .Release.Name }}-minio" key: accesskey secretKeySecret: - # name: -minio + name: "{{ .Release.Name }}-minio" key: secretkey # insecure will disable TLS. Primarily used for minio installs not configured with TLS insecure: false From 8402303bf8fcbf2433a9b99714f89f232c0777db Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Thu, 11 May 2023 02:39:56 +0200 Subject: [PATCH 178/356] feat(argo-cd): Add ability to add prometheus.io/scrape annotations (#2037) --- charts/argo-cd/Chart.yaml | 6 +++-- charts/argo-cd/README.md | 11 +++++++++ .../metrics.yaml | 12 ++++++++-- .../argocd-applicationset/metrics.yaml | 12 ++++++++-- .../argocd-notifications/metrics.yaml | 12 ++++++++-- .../templates/argocd-repo-server/metrics.yaml | 12 ++++++++-- .../templates/argocd-server/metrics.yaml | 12 ++++++++-- charts/argo-cd/templates/redis/metrics.yaml | 12 ++++++---- charts/argo-cd/values.yaml | 23 +++++++++++++++++++ 9 files changed, 96 insertions(+), 16 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 12a1f5f07..a8d8e721e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.32.2 +version: 5.33.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Introduce chart signing + description: Ability to add prometheus.io/scrape annotations to all metrics services + - kind: added + description: Ability to change metrics service type and clusterIP diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 054dc2f9c..6f25e5ced 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -394,6 +394,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| +| global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. | | global.additionalLabels | object | `{}` | Common labels for the all resources | | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | @@ -513,9 +514,11 @@ NAME: my-release | controller.metrics.rules.selector | object | `{}` | PrometheusRule selector | | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller | | controller.metrics.service.annotations | object | `{}` | Metrics service annotations | +| controller.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | controller.metrics.service.labels | object | `{}` | Metrics service labels | | controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | controller.metrics.service.servicePort | int | `8082` | Metrics service port | +| controller.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -597,9 +600,11 @@ NAME: my-release | repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | repoServer.metrics.enabled | bool | `false` | Deploy metrics service | | repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations | +| repoServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | repoServer.metrics.service.labels | object | `{}` | Metrics service labels | | repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | repoServer.metrics.service.servicePort | int | `8084` | Metrics service port | +| repoServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -731,9 +736,11 @@ NAME: my-release | server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | server.metrics.enabled | bool | `false` | Deploy metrics service | | server.metrics.service.annotations | object | `{}` | Metrics service annotations | +| server.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | server.metrics.service.labels | object | `{}` | Metrics service labels | | server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | server.metrics.service.servicePort | int | `8083` | Metrics service port | +| server.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -1044,9 +1051,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service | | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations | +| applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | | applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | @@ -1128,8 +1137,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server | | notifications.metrics.port | int | `9001` | Metrics port | | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations | +| notifications.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | notifications.metrics.service.labels | object | `{}` | Metrics service labels | | notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | +| notifications.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | diff --git a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml index 754b8490a..01b7a779c 100644 --- a/charts/argo-cd/templates/argocd-application-controller/metrics.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.controller.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.controller.metrics.service.annotations }} + {{- if or .Values.controller.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.controller.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.controller.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.controller.metrics.service.type }} + {{- if and .Values.controller.metrics.service.clusterIP (eq .Values.controller.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.controller.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml index fdac0bcf3..ad26d22d4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/metrics.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.applicationSet.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.applicationSet.metrics.service.annotations }} + {{- if or .Values.applicationSet.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.applicationSet.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.applicationSet.metrics.service.type }} + {{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.applicationSet.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-notifications/metrics.yaml b/charts/argo-cd/templates/argocd-notifications/metrics.yaml index 3c30a0853..b5ce611da 100644 --- a/charts/argo-cd/templates/argocd-notifications/metrics.yaml +++ b/charts/argo-cd/templates/argocd-notifications/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.notifications.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.notifications.metrics.service.annotations }} + {{- if or .Values.notifications.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.notifications.metrics.port | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.notifications.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.notifications.metrics.service.type }} + {{- if and .Values.notifications.metrics.service.clusterIP (eq .Values.notifications.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.notifications.metrics.service.clusterIP }} + {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }} ports: diff --git a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml index b2be38eeb..514595a24 100644 --- a/charts/argo-cd/templates/argocd-repo-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.repoServer.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.repoServer.metrics.service.annotations }} + {{- if or .Values.repoServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.repoServer.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.repoServer.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.repoServer.metrics.service.type }} + {{- if and .Values.repoServer.metrics.service.clusterIP (eq .Values.repoServer.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.repoServer.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.repoServer.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/argocd-server/metrics.yaml b/charts/argo-cd/templates/argocd-server/metrics.yaml index 3a9f46f71..3844820e6 100644 --- a/charts/argo-cd/templates/argocd-server/metrics.yaml +++ b/charts/argo-cd/templates/argocd-server/metrics.yaml @@ -9,13 +9,21 @@ metadata: {{- with .Values.server.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.server.metrics.service.annotations }} + {{- if or .Values.server.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.server.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.server.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: + type: {{ .Values.server.metrics.service.type }} + {{- if and .Values.server.metrics.service.clusterIP (eq .Values.server.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.server.metrics.service.clusterIP }} + {{- end }} ports: - name: {{ .Values.server.metrics.service.portName }} protocol: TCP diff --git a/charts/argo-cd/templates/redis/metrics.yaml b/charts/argo-cd/templates/redis/metrics.yaml index db5262855..67b4c3ac4 100644 --- a/charts/argo-cd/templates/redis/metrics.yaml +++ b/charts/argo-cd/templates/redis/metrics.yaml @@ -10,16 +10,20 @@ metadata: {{- with .Values.redis.metrics.service.labels }} {{- toYaml . | nindent 4 }} {{- end }} - {{- with .Values.redis.metrics.service.annotations }} + {{- if or .Values.redis.metrics.service.annotations .Values.global.addPrometheusAnnotations }} annotations: - {{- range $key, $value := . }} + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.redis.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.redis.metrics.service.annotations }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} spec: type: {{ .Values.redis.metrics.service.type }} - {{- with .Values.redis.metrics.service.clusterIP }} - clusterIP: {{ . }} + {{- if and .Values.redis.metrics.service.clusterIP (eq .Values.redis.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.redis.metrics.service.clusterIP }} {{- end }} ports: - name: {{ .Values.redis.metrics.service.portName }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 3f95a663d..9ee41698c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -79,6 +79,9 @@ global: # -- Labels for the all deployed pods podLabels: {} + # -- Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. + addPrometheusAnnotations: false + # -- Toggle and define pod-level security context. # @default -- `{}` (See [values.yaml]) securityContext: {} @@ -762,6 +765,10 @@ controller: # -- Additional labels labels: [] service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -1773,6 +1780,10 @@ server: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2241,6 +2252,10 @@ repoServer: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2394,6 +2409,10 @@ applicationSet: # -- Deploy metrics service enabled: false service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels @@ -2715,6 +2734,10 @@ notifications: # -- Metrics port port: 9001 service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" # -- Metrics service annotations annotations: {} # -- Metrics service labels From 5873a1bc331e37c9500e4337d2ad2deca2fd8c80 Mon Sep 17 00:00:00 2001 From: Cyril Jouve Date: Thu, 11 May 2023 08:39:17 +0200 Subject: [PATCH 179/356] feat(argo-workflows): allow extraObjects to contain string template (#1995) [argo-workflows] allow extraObjects to contain string template Signed-off-by: Cyril Jouve Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/extra-manifests.yaml | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3217d8e4b..9b2324219 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.26.6 +version: 0.27.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix Helm templating in S3 config and extra init containers + - kind: added + description: Allow extraObjects to contain string templates diff --git a/charts/argo-workflows/templates/extra-manifests.yaml b/charts/argo-workflows/templates/extra-manifests.yaml index a9bb3b6ba..f17b1a93b 100644 --- a/charts/argo-workflows/templates/extra-manifests.yaml +++ b/charts/argo-workflows/templates/extra-manifests.yaml @@ -1,4 +1,8 @@ {{ range .Values.extraObjects }} --- -{{ tpl (toYaml .) $ }} +{{- if typeIs "string" . }} + {{- tpl . $ }} +{{- else }} + {{- tpl (toYaml .) $ }} +{{- end }} {{ end }} From 1492e23522339e07e281aed0c7e659ce6a9d2189 Mon Sep 17 00:00:00 2001 From: Jonas Eilers <133217951+jdvgh@users.noreply.github.com> Date: Thu, 11 May 2023 16:06:46 +0200 Subject: [PATCH 180/356] feat(argo-cd): Add ability to add additional labels to all CRDs (#2051) feat(argo-cd): Add ability to add additional labels to all CRDs via .Values.crds.additionalLabels Signed-off-by: jdvgh <133217951+jdvgh@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/crds/crd-application.yaml | 3 +++ charts/argo-cd/templates/crds/crd-applicationset.yaml | 3 +++ charts/argo-cd/templates/crds/crd-extension.yaml | 3 +++ charts/argo-cd/templates/crds/crd-project.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 7 files changed, 17 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a8d8e721e..b199884ea 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.1 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.0 +version: 5.33.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Ability to add prometheus.io/scrape annotations to all metrics services - - kind: added - description: Ability to change metrics service type and clusterIP + description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6f25e5ced..34879a2ab 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -379,6 +379,7 @@ NAME: my-release | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index 5bb7bfb3e..cbb480e65 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: applications.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: applications.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index f9bfde6c6..ad35b0628 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: applicationsets.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: applicationsets.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-extension.yaml b/charts/argo-cd/templates/crds/crd-extension.yaml index 802f0e8cc..30fbce70b 100644 --- a/charts/argo-cd/templates/crds/crd-extension.yaml +++ b/charts/argo-cd/templates/crds/crd-extension.yaml @@ -13,6 +13,9 @@ metadata: labels: app.kubernetes.io/name: argocdextensions.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: argocdextensions.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/templates/crds/crd-project.yaml b/charts/argo-cd/templates/crds/crd-project.yaml index 81e57d820..0a6da4f0f 100644 --- a/charts/argo-cd/templates/crds/crd-project.yaml +++ b/charts/argo-cd/templates/crds/crd-project.yaml @@ -12,6 +12,9 @@ metadata: labels: app.kubernetes.io/name: appprojects.argoproj.io app.kubernetes.io/part-of: argocd + {{- with .Values.crds.additionalLabels }} + {{- toYaml . | nindent 4}} + {{- end }} name: appprojects.argoproj.io spec: group: argoproj.io diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 9ee41698c..78e3c518e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -38,6 +38,8 @@ crds: keep: true # -- Annotations to be added to all CRDs annotations: {} + # -- Addtional labels to be added to all CRDs + additionalLabels: {} ## Globally shared configuration global: From 5dd7ae964d01eba826202107426fa3a6b3c62b57 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 13 May 2023 00:19:03 +0900 Subject: [PATCH 181/356] chore(argo-cd): Upgrade Argo CD to v2.7.2 (#2054) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b199884ea..8e6211ca2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.1 +appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.1 +version: 5.33.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels + - kind: changed + description: Upgrade Argo CD to v2.7.2 From 6564b4453893d2a2498eed83ef5968cb65578368 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 13 May 2023 20:01:19 +0900 Subject: [PATCH 182/356] feat(argo-cd): Enable to add certificate to ApplicationSet Controller (#2052) * feat(argo-cd): Add ability to add certificate to Argo CD Controller Signed-off-by: yu-croco * fix(argo-cd): Add Certificate to right component Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +-- charts/argo-cd/README.md | 13 +++++++ .../argocd-applicationset/certificate.yaml | 33 ++++++++++++++++ charts/argo-cd/values.yaml | 39 +++++++++++++++++++ 4 files changed, 88 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-applicationset/certificate.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8e6211ca2..5eb9ac9ee 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.2 +version: 5.33.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.2 + - kind: added + description: Enable to add certificate to ApplicationSet Controller diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 34879a2ab..4519caec7 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1024,6 +1024,19 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | +| applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | +| applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | +| applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | +| applicationSet.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` | +| applicationSet.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` | +| applicationSet.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` | +| applicationSet.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` | +| applicationSet.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` | +| applicationSet.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` | +| applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | +| applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | +| applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | | applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml new file mode 100644 index 000000000..505a70fc8 --- /dev/null +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -0,0 +1,33 @@ +{{- if .Values.applicationSet.certificate.enabled -}} +apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +kind: Certificate +metadata: + name: {{ template "argo-cd.applicationSet.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} +spec: + secretName: {{ .Values.applicationSet.certificate.secretName }} + commonName: {{ .Values.applicationSet.certificate.domain | quote }} + dnsNames: + - {{ .Values.applicationSet.certificate.domain | quote }} + {{- range .Values.applicationSet.certificate.additionalHosts }} + - {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.duration }} + duration: {{ . | quote }} + {{- end }} + {{- with .Values.applicationSet.certificate.renewBefore }} + renewBefore: {{ . | quote }} + {{- end }} + issuerRef: + {{- with .Values.applicationSet.certificate.issuer.group }} + group: {{ . | quote }} + {{- end }} + kind: {{ .Values.applicationSet.certificate.issuer.kind | quote }} + name: {{ .Values.applicationSet.certificate.issuer.name | quote }} + {{- with .Values.applicationSet.certificate.privateKey }} + privateKey: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 78e3c518e..2ad1b9181 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2623,6 +2623,45 @@ applicationSet: # hosts: # - argocd-applicationset.example.com + # TLS certificate configuration via cert-manager + ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-configuration + certificate: + # -- Deploy a Certificate resource (requires cert-manager) + enabled: false + # -- The name of the Secret that will be automatically created and managed by this Certificate resource + secretName: argocd-application-controller-tls + # -- Certificate primary domain (commonName) + domain: argocd.example.com + # -- Certificate Subject Alternate Names (SANs) + additionalHosts: [] + # -- The requested 'duration' (i.e. lifetime) of the certificate. + # @default -- `""` (defaults to 2160h = 90d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal + duration: "" + # -- How long before the expiry a certificate should be renewed. + # @default -- `""` (defaults to 360h = 15d if not specified) + ## Ref: https://cert-manager.io/docs/usage/certificate/#renewal + renewBefore: "" + # Certificate issuer + ## Ref: https://cert-manager.io/docs/concepts/issuer + issuer: + # -- Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` + group: "" + # -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer` + kind: "" + # -- Certificate issuer name. Eg. `letsencrypt` + name: "" + # Private key of the certificate + privateKey: + # -- Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` + rotationPolicy: Never + # -- The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` + encoding: PKCS1 + # -- Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` + algorithm: RSA + # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. + size: 2048 + ## Notifications controller notifications: # -- Enable notifications controller From 6b09ff82e05e808010f12ba277b268c3c21446c9 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Sat, 13 May 2023 13:25:33 +0200 Subject: [PATCH 183/356] fix(github): Don't run Scorecard analysis on forked repos (#2057) Signed-off-by: Marco Kilchhofer --- .github/workflows/scorecard.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 66e1d5ee9..7059cc34d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -19,6 +19,7 @@ permissions: read-all jobs: analysis: + if: github.repository_owner == 'argoproj' name: Scorecard analysis runs-on: ubuntu-latest permissions: From 5dfed33a5668f1a18dde26417b69806d5c3e7ac6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 13 May 2023 20:32:52 +0900 Subject: [PATCH 184/356] chore(deps): bump actions/checkout from 3.1.0 to 3.5.2 (#2056) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.1.0...8e5e7e5ab8b370d6c329ec480221332ada57f0ab) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7059cc34d..7f5cbfa57 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: persist-credentials: false From 1a5ee8eb352579bd81dfc3a14ef03f6604ad0b1b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 16 May 2023 18:23:59 +0900 Subject: [PATCH 185/356] chore(argo-cd): Update redis-ha to v4.23.0 (#2058) Signed-off-by: yu-croco --- charts/argo-cd/Chart.lock | 6 +++--- charts/argo-cd/Chart.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.lock b/charts/argo-cd/Chart.lock index e21296c6c..edd5df2b9 100644 --- a/charts/argo-cd/Chart.lock +++ b/charts/argo-cd/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis-ha repository: https://dandydeveloper.github.io/charts/ - version: 4.22.5 -digest: sha256:d2e927511e515fb862f23dd413ee3a356c855d808f6f9ad1d345ee62b8c7ea16 -generated: "2023-03-30T08:25:32.738257836+02:00" + version: 4.23.0 +digest: sha256:589f9972fbdf36194d443c9d3be2a1747f43e03c435fc48004cc0cbe6b3c6e3c +generated: "2023-05-15T19:25:26.049618+09:00" diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5eb9ac9ee..6b8ec29da 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.3 +version: 5.33.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -18,7 +18,7 @@ maintainers: url: https://argoproj.github.io/ dependencies: - name: redis-ha - version: 4.22.5 + version: 4.23.0 repository: https://dandydeveloper.github.io/charts/ condition: redis-ha.enabled annotations: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Enable to add certificate to ApplicationSet Controller + - kind: changed + description: Update redis-ha to v4.23.0 From 05bc6a236dfafa88bf2366d47709dd8b1748a13c Mon Sep 17 00:00:00 2001 From: GoshaDozoretz <106976988+gosharo@users.noreply.github.com> Date: Wed, 17 May 2023 16:40:18 +0300 Subject: [PATCH 186/356] feat(argo-cd): add lifecycle hooks to repo server (#1922) * add lifesycle webhook to repo server Signed-off-by: goshado * add lifesycle webhook to repo server Signed-off-by: goshado * add lifesycle webhook to repo server Signed-off-by: goshado --------- Signed-off-by: goshado Signed-off-by: GoshaDozoretz <106976988+gosharo@users.noreply.github.com> Co-authored-by: goshado --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6b8ec29da..32dcb776a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.33.4 +version: 5.34.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update redis-ha to v4.23.0 + - kind: added + description: Add lifecycle webhook to repo server. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 4519caec7..1fa388ed5 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -594,6 +594,7 @@ NAME: my-release | repoServer.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the repo server | | repoServer.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | repoServer.initContainers | list | `[]` | Init containers to add to the repo server pods | +| repoServer.lifecycle | object | `{}` | Specify postStart and preStop lifecycle hooks for your argo-repo-server container | | repoServer.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | | repoServer.livenessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | | repoServer.livenessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 0226b48fc..4f2c45bdb 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -275,6 +275,10 @@ spec: {{- toYaml .Values.repoServer.resources | nindent 10 }} securityContext: {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- with .Values.repoServer.lifecycle }} + lifecycle: + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2ad1b9181..c304de7ef 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2059,6 +2059,9 @@ repoServer: # - secretRef: # name: secret-name + # -- Specify postStart and preStop lifecycle hooks for your argo-repo-server container + lifecycle: {} + # -- Additional containers to be added to the repo server pod ## Ref: https://argo-cd.readthedocs.io/en/stable/user-guide/config-management-plugins/ ## Note: Supports use of custom Helm templates From 7347a5d78162a4d7abf5efbb27bd0327905c2c91 Mon Sep 17 00:00:00 2001 From: Jonas Eilers <133217951+jdvgh@users.noreply.github.com> Date: Wed, 17 May 2023 16:24:43 +0200 Subject: [PATCH 187/356] feat(argo-cd): Add new BitbucketCloud ssh keys in values.yaml (#2062) feat: Add new BitbucketCloud ssh keys Update configs.ssh.kownHosts in charts/argo-cd/values.yaml to match new SSHKeys from https://bitbucket.org/site/ssh (as of May 17th, 2023) Signed-off-by: jdvgh <133217951+jdvgh@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32dcb776a..0c7a2d5cb 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.0 +version: 5.34.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add lifecycle webhook to repo server. + description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c304de7ef..2906eb82b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -315,6 +315,8 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl From c3cfd49e9679df03e37f963fcb64c6d5375572d5 Mon Sep 17 00:00:00 2001 From: Joe Lee Date: Fri, 19 May 2023 17:35:00 +0800 Subject: [PATCH 188/356] feat(argocd-apps): Generate application, applicationset, project with template (#2025) * add template for application Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * add example for applicationsetTemplates Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * merge each of items into one Signed-off-by: Joe Lee * update readme Signed-off-by: Joe Lee * update doc Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * add template for application Signed-off-by: Joe Lee * update version Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * fix issue Signed-off-by: Joe Lee * merge each of items into one Signed-off-by: Joe Lee * move itemTemplates to new file Signed-off-by: Joe Lee * discard change for applications.yaml Signed-off-by: Joe Lee --------- Signed-off-by: Joe Lee --- charts/argocd-apps/Chart.yaml | 4 +- charts/argocd-apps/README.md | 1 + charts/argocd-apps/ci/item-templates.yaml | 61 +++++++++++++++++ .../argocd-apps/templates/item-templates.yaml | 15 +++++ charts/argocd-apps/values.yaml | 65 +++++++++++++++++++ 5 files changed, 144 insertions(+), 2 deletions(-) create mode 100644 charts/argocd-apps/ci/item-templates.yaml create mode 100644 charts/argocd-apps/templates/item-templates.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 0c55671d3..6d0a194fe 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.0.1 +version: 1.1.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Introduce chart signing + description: Generate application, applicationset, project with template diff --git a/charts/argocd-apps/README.md b/charts/argocd-apps/README.md index bc0d0685d..0e5bbbe25 100644 --- a/charts/argocd-apps/README.md +++ b/charts/argocd-apps/README.md @@ -31,6 +31,7 @@ $ helm install my-release argo/argocd-apps | applications | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications within this helm release | | applicationsets | list | `[]` (See [values.yaml]) | Deploy Argo CD ApplicationSets within this helm release | | extensions | list | `[]` (See [values.yaml]) | Deploy Argo UI Extensions within this helm release | +| itemTemplates | list | `[]` (See [values.yaml]) | Deploy Argo CD Applications/ApplicationSets/Projects within this helm release | | projects | list | `[]` (See [values.yaml]) | Deploy Argo CD Projects within this helm release | ---------------------------------------------- diff --git a/charts/argocd-apps/ci/item-templates.yaml b/charts/argocd-apps/ci/item-templates.yaml new file mode 100644 index 000000000..8a08c684e --- /dev/null +++ b/charts/argocd-apps/ci/item-templates.yaml @@ -0,0 +1,61 @@ +itemTemplates: + - items: + - name: my-appset + generators: &generators + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + - cluster: engineering-prod + url: https://2.4.6.8 + - cluster: finance-preprod + url: https://9.8.7.6 + template: + apiVersion: argoproj.io/v1alpha1 + kind: ApplicationSet + metadata: + name: "{{ .name }}" + spec: + generators: *generators + template: + metadata: + name: "{{`{{cluster}}`}}-guestbook" + spec: + project: my-project + source: + repoURL: https://github.com/infra-team/cluster-deployments.git + targetRevision: HEAD + path: guestbook/{{`{{cluster}}`}} + destination: + server: "{{`{{cluster}}`}}" + namespace: guestbook + - items: + - name: my-appset + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + - cluster: engineering-prod + url: https://2.4.6.8 + - cluster: finance-preprod + url: https://9.8.7.6 + template: |- + apiVersion: argoproj.io/v1alpha1 + kind: ApplicationSet + metadata: + name: {{ .name }} + spec: + generators: {{ toYaml .generators | nindent 4 }} + template: + metadata: + name: '{{`{{cluster}}`}}-guestbook' + spec: + project: my-project + source: + repoURL: https://github.com/infra-team/cluster-deployments.git + targetRevision: HEAD + path: guestbook/{{`{{cluster}}`}} + destination: + server: '{{`{{cluster}}`}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/item-templates.yaml b/charts/argocd-apps/templates/item-templates.yaml new file mode 100644 index 000000000..a209cc2ae --- /dev/null +++ b/charts/argocd-apps/templates/item-templates.yaml @@ -0,0 +1,15 @@ +{{- range .Values.itemTemplates }} +{{- if kindIs "string" .template }} +{{- $template := .template -}} +{{- range .items }} +--- +{{ tpl $template (set . "Template" $.Template) }} +{{- end }} +{{- else }} +{{- $template := .template | toYaml -}} +{{- range .items }} +--- +{{ tpl $template (set . "Template" $.Template) }} +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index eb0767b95..72301ace4 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -133,6 +133,71 @@ applicationsets: [] # # Set Application finalizer # preserveResourcesOnDeletion: false +# -- Deploy Argo CD Applications/ApplicationSets/Projects within this helm release +# @default -- `[]` (See [values.yaml]) +## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/ +itemTemplates: [] +# - items: +# - name: my-appset +# generators: &generators +# - list: +# elements: +# - cluster: engineering-dev +# url: https://1.2.3.4 +# - cluster: engineering-prod +# url: https://2.4.6.8 +# - cluster: finance-preprod +# url: https://9.8.7.6 +# template: +# apiVersion: argoproj.io/v1alpha1 +# kind: ApplicationSet +# metadata: +# name: "{{ .name }}" +# spec: +# generators: *generators +# template: +# metadata: +# name: "{{`{{cluster}}`}}-guestbook" +# spec: +# project: my-project +# source: +# repoURL: https://github.com/infra-team/cluster-deployments.git +# targetRevision: HEAD +# path: guestbook/{{`{{cluster}}`}} +# destination: +# server: "{{`{{cluster}}`}}" +# namespace: guestbook +# - items: +# - name: my-appset +# generators: +# - list: +# elements: +# - cluster: engineering-dev +# url: https://1.2.3.4 +# - cluster: engineering-prod +# url: https://2.4.6.8 +# - cluster: finance-preprod +# url: https://9.8.7.6 +# template: |- +# apiVersion: argoproj.io/v1alpha1 +# kind: ApplicationSet +# metadata: +# name: {{ .name }} +# spec: +# generators: {{ toYaml .generators | nindent 4 }} +# template: +# metadata: +# name: '{{`{{cluster}}`}}-guestbook' +# spec: +# project: my-project +# source: +# repoURL: https://github.com/infra-team/cluster-deployments.git +# targetRevision: HEAD +# path: guestbook/{{`{{cluster}}`}} +# destination: +# server: '{{`{{cluster}}`}}' +# namespace: guestbook + # -- Deploy Argo UI Extensions within this helm release # @default -- `[]` (See [values.yaml]) ## This function in tech preview stage, do expect unstability or breaking changes in newer versions. Bump image.tag if necessary. From 5766533626cadb5a29c46bd3a6c513da7ca30bea Mon Sep 17 00:00:00 2001 From: Julien Michaud <103417499+julien-michaud@users.noreply.github.com> Date: Fri, 19 May 2023 12:35:33 +0200 Subject: [PATCH 189/356] feat(argo-workflows): support google ManagedCertificate, FrontendConfig & BackendConfig for gce ingress (#2066) * feat: add gke stuff Signed-off-by: julien.michaud * update readme and chart.yaml file Signed-off-by: julien.michaud * fix readme Signed-off-by: julien.michaud * docs: Apply changes from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: julien.michaud Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-workflows/Chart.yaml | 8 +++-- charts/argo-workflows/README.md | 9 +++++ charts/argo-workflows/README.md.gotmpl | 2 ++ charts/argo-workflows/templates/_helpers.tpl | 13 +++++++ .../templates/server/gke/backendconfig.yaml | 11 ++++++ .../templates/server/gke/frontendconfig.yaml | 11 ++++++ .../server/gke/managedcertificate.yaml | 12 +++++++ charts/argo-workflows/values.yaml | 36 +++++++++++++++++++ 8 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 charts/argo-workflows/templates/server/gke/backendconfig.yaml create mode 100644 charts/argo-workflows/templates/server/gke/frontendconfig.yaml create mode 100644 charts/argo-workflows/templates/server/gke/managedcertificate.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 9b2324219..84e49d849 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.27.0 +version: 0.28.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,8 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Allow extraObjects to contain string templates + description: Add support for Google ManagedCertificate on GKE + - kind: added + description: Add support for Google FrontendConfig on GKE + - kind: added + description: Add support for Google BackendConfig on GKE diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 1dbfc155c..b5612a169 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -102,6 +102,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | +| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | @@ -240,6 +241,12 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| server.GKEbackendConfig.enabled | bool | `false` | Enable BackendConfig custom resource for Google Kubernetes Engine | +| server.GKEbackendConfig.spec | object | `{}` | [BackendConfigSpec] | +| server.GKEfrontendConfig.enabled | bool | `false` | Enable FrontConfig custom resource for Google Kubernetes Engine | +| server.GKEfrontendConfig.spec | object | `{}` | [FrontendConfigSpec] | +| server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | +| server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | @@ -333,6 +340,8 @@ Fields to note: 1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 398a8788e..ab8554f51 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -188,6 +188,8 @@ Fields to note: 1. moved the field previously known as `telemetryServicePort` inside the `telemetryConfig` as `telemetryConfig.servicePort` - same for `metricsConfig` [affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ +[BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom +[FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f302f0da2..f81e6fc45 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -166,3 +166,16 @@ Return the appropriate apiVersion for autoscaling {{- print "autoscaling/v2" -}} {{- end -}} {{- end -}} + +{{/* +Return the appropriate apiVersion for GKE resources +*/}} +{{- define "argo-workflows.apiVersions.cloudgoogle" -}} +{{- if .Values.apiVersionOverrides.cloudgoogle -}} +{{- print .Values.apiVersionOverrides.cloudgoogle -}} +{{- else if .Capabilities.APIVersions.Has "cloud.google.com/v1" -}} +{{- print "cloud.google.com/v1" -}} +{{- else -}} +{{- print "cloud.google.com/v1beta1" -}} +{{- end -}} +{{- end -}} diff --git a/charts/argo-workflows/templates/server/gke/backendconfig.yaml b/charts/argo-workflows/templates/server/gke/backendconfig.yaml new file mode 100644 index 000000000..4597db3d0 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/backendconfig.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEbackendConfig.enabled }} +apiVersion: {{ include "argo-workflows.apiVersions.cloudgoogle" . }} +kind: BackendConfig +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEbackendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/gke/frontendconfig.yaml b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml new file mode 100644 index 000000000..6b81c9230 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/frontendconfig.yaml @@ -0,0 +1,11 @@ +{{- if .Values.server.GKEfrontendConfig.enabled }} +apiVersion: networking.gke.io/v1beta1 +kind: FrontendConfig +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} +spec: + {{- toYaml .Values.server.GKEfrontendConfig.spec | nindent 2 }} +{{- end }} diff --git a/charts/argo-workflows/templates/server/gke/managedcertificate.yaml b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml new file mode 100644 index 000000000..b77c31311 --- /dev/null +++ b/charts/argo-workflows/templates/server/gke/managedcertificate.yaml @@ -0,0 +1,12 @@ +{{- if .Values.server.GKEmanagedCertificate.enabled }} +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: {{ template "argo-workflows.server.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +spec: + domains: + {{- with .Values.server.GKEmanagedCertificate.domains }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 0e5af428f..b65fd4f87 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -33,6 +33,8 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of autoscaling rendered by this helm chart autoscaling: "" # autoscaling/v2 + # -- String to override apiVersion of GKE resources rendered by this helm chart + cloudgoogle: "" # cloud.google.com/v1 # -- Restrict Argo to operate only in a single namespace (the namespace of the # Helm release) by apply Roles and RoleBindings instead of the Cluster @@ -576,6 +578,40 @@ server: # hosts: # - argoworkflows.example.com + ## Create a Google Backendconfig for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_backendconfig_parameters + GKEbackendConfig: + # -- Enable BackendConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [BackendConfigSpec] + spec: {} + # spec: + # iap: + # enabled: true + # oauthclientCredentials: + # secretName: argoworkflows-secret + + ## Create a Google Managed Certificate for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs + GKEmanagedCertificate: + # -- Enable ManagedCertificate custom resource for Google Kubernetes Engine. + enabled: false + # -- Domains for the Google Managed Certificate + domains: + - argoworkflows.example.com + + ## Create a Google FrontendConfig Custom Resource, for use with the GKE Ingress Controller + ## https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters + GKEfrontendConfig: + # -- Enable FrontConfig custom resource for Google Kubernetes Engine + enabled: false + # -- [FrontendConfigSpec] + spec: {} + # spec: + # redirectToHttps: + # enabled: true + # responseCodeName: RESPONSE_CODE + clusterWorkflowTemplates: # -- Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. enabled: true From b651465fb23e4c252ec0391f2edbaa41fe2742f2 Mon Sep 17 00:00:00 2001 From: Yevhen Tienkaiev Date: Sat, 20 May 2023 18:39:17 +0300 Subject: [PATCH 190/356] feat(argo-rollouts): Add possibility to configure healthz and metrics ports to be compatible with Istio (#1976) --- charts/argo-rollouts/Chart.yaml | 6 ++---- charts/argo-rollouts/README.md | 4 ++++ .../templates/controller/deployment.yaml | 6 ++++-- .../templates/controller/metrics-service.yaml | 6 +++--- .../templates/controller/servicemonitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 12 ++++++++++++ 6 files changed, 26 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ecdcbb391..756734d17 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.28.0 +version: 2.29.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,7 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v1.5.0 - kind: added - description: Introduce chart signing + description: Ability to configure healthz and metrics ports to be compatible with Istio diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index aaed870fd..70a617458 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -75,6 +75,8 @@ For full list of changes please check ArtifactHub [changelog]. | containerSecurityContext | object | `{}` | Security Context to set on container level | | controller.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | controller.component | string | `"rollouts-controller"` | Value of label `app.kubernetes.io/component` | +| controller.containerPorts.healthz | int | `8080` | Healthz container port | +| controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | @@ -87,6 +89,8 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.port | int | `8090` | Metrics service port | +| controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 95ec845fc..a40dd9ed8 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -37,6 +37,8 @@ spec: containers: - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}" args: + - --healthzPort={{ .Values.controller.containerPorts.healthz }} + - --metricsport={{ .Values.controller.containerPorts.metrics }} {{- if not .Values.clusterInstall }} - --namespaced {{- end }} @@ -53,9 +55,9 @@ spec: imagePullPolicy: {{ .Values.controller.image.pullPolicy }} name: argo-rollouts ports: - - containerPort: 8090 + - containerPort: {{ .Values.controller.containerPorts.metrics }} name: metrics - - containerPort: 8080 + - containerPort: {{ .Values.controller.containerPorts.healthz }} name: healthz livenessProbe: {{- toYaml .Values.controller.livenessProbe | nindent 10 }} diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index 0effcc23b..e04d326a8 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -13,10 +13,10 @@ metadata: {{- end }} spec: ports: - - name: metrics + - name: {{ .Values.controller.metrics.service.portName }} protocol: TCP - port: 8090 - targetPort: 8090 + port: {{ .Values.controller.metrics.service.port }} + targetPort: metrics selector: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.selectorLabels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index cb489e3b9..62713764e 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -16,7 +16,7 @@ metadata: {{- end }} spec: endpoints: - - port: metrics + - port: {{ .Values.controller.metrics.service.portName }} {{- with .Values.controller.metrics.serviceMonitor.relabelings }} relabelings: {{- toYaml . | nindent 6 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index d1c91e30e..2ea4fbb45 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -106,9 +106,21 @@ controller: # -- flag to enable creation of cluster controller role (requires cluster RBAC) createClusterRole: true + # Controller container ports + containerPorts: + # -- Metrics container port + metrics: 8090 + # -- Healthz container port + healthz: 8080 + metrics: # -- Deploy metrics service enabled: false + service: + # -- Metrics service port name + portName: metrics + # -- Metrics service port + port: 8090 serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From be8a4c97293de9a0e13040f7dadd57556157bd6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 May 2023 11:07:08 +0900 Subject: [PATCH 191/356] chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#2067) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.5.0 to 1.7.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00...fa81e57adff234b2908110485695db0f181f3c67) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 90106fc90..e7e35f8a9 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@d8ccf8fb623ce1bb360ae2f45f323d9d5c5e9f00 # v1.5.0 + uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 650a9ec7effbc920043a623c8deaba89a110c199 Mon Sep 17 00:00:00 2001 From: Khue Doan Date: Sun, 21 May 2023 14:19:31 +0700 Subject: [PATCH 192/356] feat(argocd-apps): Add rollout strategy for ApplicationSet (#2063) feat(argocd-apps): add rollout strategy for ApplicationSet Signed-off-by: Khue Doan --- charts/argocd-apps/Chart.yaml | 4 +- ...licationsets-progressive-syncs-values.yaml | 41 +++++++++++++++++++ .../templates/applicationsets.yaml | 4 ++ charts/argocd-apps/values.yaml | 20 ++++++++- 4 files changed, 66 insertions(+), 3 deletions(-) create mode 100644 charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 6d0a194fe..fc733b22f 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.1.0 +version: 1.2.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Generate application, applicationset, project with template + description: Rollout strategy for ApplicationSet diff --git a/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml new file mode 100644 index 000000000..2fa589788 --- /dev/null +++ b/charts/argocd-apps/ci/applicationsets-progressive-syncs-values.yaml @@ -0,0 +1,41 @@ +# Test applicationsets with Progressive Syncs + +applicationsets: +- name: applicationset-progressive-syncs + generators: + - list: + elements: + - cluster: engineering-dev + url: https://1.2.3.4 + env: env-dev + - cluster: engineering-prod + url: https://9.8.7.6/ + env: env-prod + strategy: + type: RollingSync + rollingSync: + steps: + - matchExpressions: + - key: envLabel + operator: In + values: + - env-dev + - matchExpressions: + - key: envLabel + operator: In + values: + - env-prod + template: + metadata: + name: '{{.cluster}}-guestbook' + labels: + envLabel: '{{.env}}' + spec: + project: my-project + source: + repoURL: https://github.com/argoproj/argocd-example-apps.git + targetRevision: HEAD + path: guestbook/{{.cluster}} + destination: + server: '{{.url}}' + namespace: guestbook diff --git a/charts/argocd-apps/templates/applicationsets.yaml b/charts/argocd-apps/templates/applicationsets.yaml index bb8b09d1c..0d3a47e92 100644 --- a/charts/argocd-apps/templates/applicationsets.yaml +++ b/charts/argocd-apps/templates/applicationsets.yaml @@ -26,6 +26,10 @@ spec: generators: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .syncPolicy }} syncPolicy: {{- toYaml . | nindent 4 }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 72301ace4..500849df7 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -103,10 +103,28 @@ applicationsets: [] # directories: # - path: guestbook # - path: kustomize-* +# # Progressive Syncs is an experimental feature and it must be explicitly enabled +# # Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Progressive-Syncs/#enabling-progressive-syncs +# strategy: +# type: RollingSync +# rollingSync: +# steps: +# - matchExpressions: +# - key: project +# operator: In +# values: +# - guestbook +# - matchExpressions: +# - key: project +# operator: In +# values: +# - kustomize-foo +# - kustomize-bar # template: # metadata: # name: '{{path.basename}}' -# labels: {} +# labels: +# project: '{{path.basename}}' # annotations: {} # spec: # project: default From 4e108afa429ccbf52bdd89da3533aad85cdcd3aa Mon Sep 17 00:00:00 2001 From: Noam Gal Date: Mon, 22 May 2023 15:27:17 +0300 Subject: [PATCH 193/356] bumped version to `v2.6.0-cap-CR-18430-del-app` --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 757f39863..ce84a3b59 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v2.6.0-cap-CR-17237 +appVersion: v2.6.0-cap-CR-18430-del-app description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.29.1-1-cap-CR-17237 +version: 5.29.2-cap-CR-18430 kubeVersion: ">=1.22.0-0" home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png @@ -24,4 +24,4 @@ dependencies: annotations: artifacthub.io/changes: | - kind: fixed - description: Use default value for configs.cm.application.instanceLabelKey, instead of overwriting it. + description: Send app deleted event to codefresh platform. From 1d999e055266f05639cd81a3e1b4cb7859006794 Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Mon, 22 May 2023 19:07:09 +0200 Subject: [PATCH 194/356] fix(argo-cd): don't request applicationsets if its disabled (#2069) * don't request applicationsets if its disabled Signed-off-by: Wim Fournier * Update Chart.yaml Signed-off-by: Wim Fournier --------- Signed-off-by: Wim Fournier --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/role.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0c7a2d5cb..d5bdb82fd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.1 +version: 5.34.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add new bitbucket cloud SSH key to configs.ssh.knownHosts + - kind: fixed + description: don't request applicationSets in the role, if applicationSets are disabled diff --git a/charts/argo-cd/templates/argocd-server/role.yaml b/charts/argo-cd/templates/argocd-server/role.yaml index f156bc187..6bfe32a49 100644 --- a/charts/argo-cd/templates/argocd-server/role.yaml +++ b/charts/argo-cd/templates/argocd-server/role.yaml @@ -23,7 +23,9 @@ rules: - argoproj.io resources: - applications + {{- if .Values.applicationSet.enabled }} - applicationsets + {{- end }} - appprojects {{- if .Values.server.extensions.enabled }} - argocdextensions From 6593901daf722c10f9b089a078cd9a7f88c1c2a5 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 23 May 2023 11:46:53 +0900 Subject: [PATCH 195/356] fix(argo-cd): Align with upstream dex initContainers (#2070) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/dex/deployment.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d5bdb82fd..72042538c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.2 +version: 5.34.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: don't request applicationSets in the role, if applicationSets are disabled + description: Align with upstream dex initContainers diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 6ae171706..2acf4242b 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -136,7 +136,7 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - args: + command: - /bin/cp - -n - /usr/local/bin/argocd From feb7fc0bb8b2a33f0b7fc5772d597eb67775f977 Mon Sep 17 00:00:00 2001 From: Michael Weber Date: Tue, 23 May 2023 02:07:34 -0500 Subject: [PATCH 196/356] feat(argo-rollouts): add deployment annotations for controller (#2048) * feat(argo-rollouts): deployment annotations for controller, dashboard Signed-off-by: Michael Weber * chore: Apply changes from code review Signed-off-by: Marco Kilchhofer --------- Signed-off-by: Michael Weber Signed-off-by: Marco Kilchhofer Co-authored-by: Marco Kilchhofer --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 3 +++ charts/argo-rollouts/templates/controller/deployment.yaml | 6 ++++++ charts/argo-rollouts/templates/dashboard/deployment.yaml | 6 ++++++ charts/argo-rollouts/values.yaml | 8 ++++++++ 5 files changed, 25 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 756734d17..8d87d142b 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.29.0 +version: 2.30.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Ability to configure healthz and metrics ports to be compatible with Istio + description: ability to annotate controller Deployment diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 70a617458..a7f8a0607 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -49,6 +49,7 @@ For full list of changes please check ArtifactHub [changelog]. | createClusterAggregateRoles | bool | `true` | flag to enable creation of cluster aggregate roles (requires cluster RBAC) | | extraObjects | list | `[]` | Additional manifests to deploy within the chart. A list of objects. | | fullnameOverride | string | `nil` | String to fully override "argo-rollouts.fullname" template | +| global.deploymentAnnotations | object | `{}` | Annotations for all deployed Deployments | | imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Registry secret names as an array. | | installCRDs | bool | `true` | Install and upgrade CRDs | | keepCRDs | bool | `true` | Keep CRD's on helm uninstall | @@ -78,6 +79,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.containerPorts.healthz | int | `8080` | Healthz container port | | controller.containerPorts.metrics | int | `8090` | Metrics container port | | controller.createClusterRole | bool | `true` | flag to enable creation of cluster controller role (requires cluster RBAC) | +| controller.deploymentAnnotations | object | `{}` | Annotations to be added to the controller deployment | | controller.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-controller. A list of flags. | | controller.extraContainers | list | `[]` | Literal yaml for extra containers to be added to controller deployment. | | controller.extraEnv | list | `[]` | Additional environment variables for rollouts-controller. A list of name/value maps. | @@ -127,6 +129,7 @@ For full list of changes please check ArtifactHub [changelog]. | dashboard.component | string | `"rollouts-dashboard"` | Value of label `app.kubernetes.io/component` | | dashboard.containerSecurityContext | object | `{}` | Security Context to set on container level | | dashboard.createClusterRole | bool | `true` | flag to enable creation of dashbord cluster role (requires cluster RBAC) | +| dashboard.deploymentAnnotations | object | `{}` | Annotations to be added to the dashboard deployment | | dashboard.enabled | bool | `false` | Deploy dashboard server | | dashboard.extraArgs | list | `[]` | Additional command line arguments to pass to rollouts-dashboard. A list of flags. | | dashboard.extraEnv | list | `[]` | Additional environment variables for rollouts-dashboard. A list of name/value maps. | diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index a40dd9ed8..966491c85 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.controller.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-rollouts.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml index 342e19968..cae248881 100644 --- a/charts/argo-rollouts/templates/dashboard/deployment.yaml +++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dashboard.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-rollouts.fullname" . }}-dashboard namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 2ea4fbb45..6a533eaf8 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -38,9 +38,15 @@ extraObjects: [] # api-key: # app-key: +global: + # -- Annotations for all deployed Deployments + deploymentAnnotations: {} + controller: # -- Value of label `app.kubernetes.io/component` component: rollouts-controller + # -- Annotations to be added to the controller deployment + deploymentAnnotations: {} # -- Annotations to be added to application controller pods podAnnotations: {} # -- [Node selector] @@ -253,6 +259,8 @@ dashboard: readonly: false # -- Value of label `app.kubernetes.io/component` component: rollouts-dashboard + # -- Annotations to be added to the dashboard deployment + deploymentAnnotations: {} # -- Annotations to be added to application dashboard pods podAnnotations: {} # -- [Node selector] From cd4c291e47f0e9c1184fb05e79d9f3b742195c5c Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Tue, 23 May 2023 22:29:26 +0200 Subject: [PATCH 197/356] fix(argo-cd): Allow to disable containerSecurityContext (#2072) * Allow to disable containerSecurityContext Add a `enabled` property to allow the whole containerSecurityContext to be disabled. Fixes https://github.com/argoproj/argo-helm/issues/2071 Signed-off-by: wim.fournier Signed-off-by: Wim Fournier * fix missing space Signed-off-by: Wim Fournier * remove enabled key Signed-off-by: Wim Fournier * fix typo Signed-off-by: Wim Fournier * missed one Signed-off-by: Wim Fournier * simplify using `with`, thx @pborn-ionos! Signed-off-by: wim.fournier * missed one Signed-off-by: wim.fournier --------- Signed-off-by: wim.fournier Signed-off-by: Wim Fournier Signed-off-by: wim.fournier Co-authored-by: wim.fournier --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/statefulset.yaml | 4 +++- .../templates/argocd-applicationset/deployment.yaml | 4 +++- .../templates/argocd-notifications/deployment.yaml | 4 +++- .../argo-cd/templates/argocd-repo-server/deployment.yaml | 4 +++- charts/argo-cd/templates/argocd-server/deployment.yaml | 8 ++++++-- charts/argo-cd/templates/dex/deployment.yaml | 8 ++++++-- charts/argo-cd/templates/redis/deployment.yaml | 8 ++++++-- 8 files changed, 32 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72042538c..17f73eb4e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.2 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.3 +version: 5.34.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Align with upstream dex initContainers + description: Allow to disable containerSecurityContext diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index c56bf0b33..26b9d2f59 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -255,8 +255,10 @@ spec: failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.controller.resources | nindent 10 }} + {{- with .Values.controller.containerSecurityContext }} securityContext: - {{- toYaml .Values.controller.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} workingDir: /home/argocd volumeMounts: {{- with .Values.controller.volumeMounts }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 9033f5b47..f3ce127a2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -182,8 +182,10 @@ spec: {{- end }} resources: {{- toYaml .Values.applicationSet.resources | nindent 12 }} + {{- with .Values.applicationSet.containerSecurityContext }} securityContext: - {{- toYaml .Values.applicationSet.containerSecurityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: {{- with .Values.applicationSet.extraVolumeMounts }} {{- toYaml . | nindent 12 }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d49944fdc..d3f21b02a 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -80,8 +80,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.notifications.resources | nindent 12 }} + {{- with .Values.notifications.containerSecurityContext }} securityContext: - {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }} + {{- toYaml . | nindent 12 }} + {{- end }} workingDir: /app volumeMounts: - name: tls-certs diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 4f2c45bdb..759dc587b 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -273,8 +273,10 @@ spec: failureThreshold: {{ .Values.repoServer.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.repoServer.resources | nindent 10 }} + {{- with .Values.repoServer.containerSecurityContext }} securityContext: - {{- toYaml .Values.repoServer.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.repoServer.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 7ce72e800..62436af7f 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -334,8 +334,10 @@ spec: failureThreshold: {{ .Values.server.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.server.resources | nindent 10 }} + {{- with .Values.server.containerSecurityContext }} securityContext: - {{- toYaml .Values.server.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.server.lifecycle }} lifecycle: {{- toYaml . | nindent 10 }} @@ -346,8 +348,10 @@ spec: imagePullPolicy: {{ .Values.server.extensions.image.imagePullPolicy }} resources: {{- toYaml .Values.server.extensions.resources | nindent 10 }} + {{- with .Values.server.extensions.containerSecurityContext }} securityContext: - {{- toYaml .Values.server.extensions.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: - name: extensions mountPath: /tmp/extensions/ diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index 2acf4242b..c623315f7 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -117,8 +117,10 @@ spec: {{- end }} resources: {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.containerSecurityContext }} securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: {{- with .Values.dex.volumeMounts }} {{- toYaml . | nindent 8 }} @@ -148,8 +150,10 @@ spec: name: dexconfig resources: {{- toYaml .Values.dex.resources | nindent 10 }} + {{- with .Values.dex.containerSecurityContext }} securityContext: - {{- toYaml .Values.dex.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.dex.initContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index fc0bebbdc..bfe7c4807 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -75,8 +75,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.resources | nindent 10 }} + {{- with .Values.redis.containerSecurityContext }} securityContext: - {{- toYaml .Values.redis.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- with .Values.redis.volumeMounts }} volumeMounts: {{- toYaml . | nindent 10 }} @@ -99,8 +101,10 @@ spec: protocol: TCP resources: {{- toYaml .Values.redis.exporter.resources | nindent 10 }} + {{- with .Values.redis.exporter.containerSecurityContext }} securityContext: - {{- toYaml .Values.redis.exporter.containerSecurityContext | nindent 10 }} + {{- toYaml . | nindent 10 }} + {{- end }} {{- end }} {{- with .Values.redis.extraContainers }} {{- tpl (toYaml .) $ | nindent 6 }} From a0d45ae19ab29cd4acb61841629b40f12cf83a68 Mon Sep 17 00:00:00 2001 From: Alex Street Date: Wed, 24 May 2023 18:23:12 -0500 Subject: [PATCH 198/356] chore(argo-cd): Upgrade Argo CD to v2.7.3 (#2075) Signed-off-by: leif013 --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 17f73eb4e..423dbb441 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.2 +appVersion: v2.7.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.4 +version: 5.34.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Allow to disable containerSecurityContext + - kind: changed + description: Upgrade Argo CD to v2.7.3 From 23b94151c6f3120834167e280016e6fff5949e74 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 25 May 2023 21:30:48 +0900 Subject: [PATCH 199/356] chore(argo-workflows): Enable to configure Service Monitor port (#2076) --- charts/argo-workflows/Chart.yaml | 10 +++------- .../controller/workflow-controller-servicemonitor.yaml | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 84e49d849..0a0018c2a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.7 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.0 +version: 0.28.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,9 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for Google ManagedCertificate on GKE - - kind: added - description: Add support for Google FrontendConfig on GKE - - kind: added - description: Add support for Google BackendConfig on GKE + - kind: changed + description: Enable to configure Service Monitor port diff --git a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml index e5e8307fa..6643d6342 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-servicemonitor.yaml @@ -12,7 +12,7 @@ metadata: spec: endpoints: {{- if .Values.controller.metricsConfig.enabled }} - - port: metrics + - port: {{ .Values.controller.metricsConfig.servicePortName }} path: {{ .Values.controller.metricsConfig.path }} interval: 30s {{- with .Values.controller.metricsConfig.relabelings }} From cf3a8eed84ac537f0377daf230a6e5e9a8682874 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 25 May 2023 23:19:03 -0500 Subject: [PATCH 200/356] chore(argo-workflows): upgrade argo workflows to v3.4.8 (#2077) --- charts/argo-workflows/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 0a0018c2a..6ac0cf5c5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.7 +appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.1 +version: 0.28.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Enable to configure Service Monitor port + description: Upgrade to Argo Workflows v3.4.8 From 2fbc8566375194009ed491d015f3c78b5b094aba Mon Sep 17 00:00:00 2001 From: Tal Yitzhak Date: Sat, 27 May 2023 17:51:41 +0300 Subject: [PATCH 201/356] feat(argo-rollouts): Fix cluster role missing access in argo rollouts dashboard (#2081) * docs(github): comment out notational pieces of PR template (#1969) github: comment out notational pieces of PR template - the DCO and publishing sentences are not filled out during PRs and are purely notational - comment them out with HTML comments, as is common practice - example from a repo I maintain: https://github.com/ezolenko/rollup-plugin-typescript2/blob/f6db59613a66f58c48310aa8fa785951970b5d6d/.github/issue_template.md?plain=1#L2 - I copied that from other repos too - these comments are still visible to the PR author, just not visible when rendered, keeping the PR more concise Signed-off-by: Anton Gilgur Co-authored-by: Marco Kilchhofer Signed-off-by: Tal Yitzhak * Added missing permissions for argo rollouts dashboard cluster role - for config map, should be able to get Signed-off-by: Tal Yitzhak * Added missing permissions for argo rollouts dashboard cluster role - for config map, should be able to get Signed-off-by: Tal Yitzhak --------- Signed-off-by: Anton Gilgur Signed-off-by: Tal Yitzhak Signed-off-by: Tal Yitzhak Co-authored-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Tal Yitzhak --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/dashboard/clusterrole.yaml | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8d87d142b..0acb2c64e 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.30.0 +version: 2.30.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: ability to annotate controller Deployment + description: Missing get access for configmaps in argo rollouts dashboard service account role diff --git a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml index 0d69d67e4..cb3e457a5 100644 --- a/charts/argo-rollouts/templates/dashboard/clusterrole.yaml +++ b/charts/argo-rollouts/templates/dashboard/clusterrole.yaml @@ -71,6 +71,12 @@ rules: verbs: - list - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get - apiGroups: - coordination.k8s.io resources: From ec14ee0e7a9ea108b7b0e8830afc497b3025f7b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 21:42:42 +0200 Subject: [PATCH 202/356] chore(deps): bump github/codeql-action from 2.3.3 to 2.3.5 (#2084) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.3 to 2.3.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/29b1f65c5e92e24fe6b6647da1eaabe529cec70f...0225834cc549ee0ca93cb085b92954821a145866) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7f5cbfa57..02aea3a69 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3 + uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5 with: sarif_file: results.sarif From 32b86a7c31d989851b384afe9f76187ea480ea10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 14:58:10 -0500 Subject: [PATCH 203/356] chore(deps): bump actions/labeler from 4.0.3 to 4.0.4 (#2082) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index f75d7f82b..1078a9bb0 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@ba790c862c380240c6d5e7427be5ace9a05c754b # v4.0.3 + - uses: actions/labeler@0776a679364a9a16110aac8d0f40f5e11009e327 # v4.0.4 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From fb4a8949ec6222f0033562382b413a8b4fc65e73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 27 May 2023 22:32:07 +0200 Subject: [PATCH 204/356] chore(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#2083) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.0 to 4.6.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/57ded4d7d5e986d7296eab16560982c6dd7c923b...bd6b4b6205c4dbad673328db7b31b7fab9e241c0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marco Kilchhofer Co-authored-by: Jason Meridth --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index e7e35f8a9..b750cc2cf 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4.6.0 + uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 with: python-version: 3.9 From 438f7a26b7518ec1fc4133f12f58cb0b8d1a2765 Mon Sep 17 00:00:00 2001 From: Milos Hauser <16776599+hau21um@users.noreply.github.com> Date: Mon, 29 May 2023 06:29:30 +0200 Subject: [PATCH 205/356] feat(argo-cd): Adding "appProtocol: HTTPS" to HTTPS service port of argocd-server. (#1955) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/service.yaml | 3 +++ charts/argo-cd/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 423dbb441..0f570ca38 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.3 kubeVersion: ">=1.22.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.5 +version: 5.34.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.3 + - kind: added + description: Option to set appProtocol for Argocd server https service port diff --git a/charts/argo-cd/templates/argocd-server/service.yaml b/charts/argo-cd/templates/argocd-server/service.yaml index 5a31f0b87..b9881f882 100644 --- a/charts/argo-cd/templates/argocd-server/service.yaml +++ b/charts/argo-cd/templates/argocd-server/service.yaml @@ -31,6 +31,9 @@ spec: {{- if eq .Values.server.service.type "NodePort" }} nodePort: {{ .Values.server.service.nodePortHttps }} {{- end }} + {{- with .Values.server.service.servicePortHttpsAppProtocol }} + appProtocol: {{ . }} + {{- end }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} {{- if eq .Values.server.service.type "LoadBalancer" }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2906eb82b..cbe46d2e2 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1768,6 +1768,8 @@ server: servicePortHttpName: http # -- Server service https port name, can be used to route traffic via istio servicePortHttpsName: https + # -- Server service https port appProtocol. (should be upper case - i.e. HTTPS) + # servicePortHttpsAppProtocol: HTTPS # -- LoadBalancer will get created with the IP specified in this field loadBalancerIP: "" # -- Source IP ranges to allow access to service from From 2f410bb794101e2afdb714c6540c8ef09d73d5e1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 09:09:01 -0500 Subject: [PATCH 206/356] chore(deps): bump pascalgn/size-label-action from 0.4.3 to 0.5.0 (#2092) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 1078a9bb0..1b6d3699d 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -25,6 +25,6 @@ jobs: size-label: runs-on: ubuntu-latest steps: - - uses: pascalgn/size-label-action@1619680c5ac1ef360b944bb56a57587ba4aa2af8 # v0.4.3 + - uses: pascalgn/size-label-action@37a5ad4ae20ea8032abf169d953bcd661fd82cd3 # v0.5.0 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" From 17d1d046a8f855bb67e0903f7a0c280ea3150d9b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Jun 2023 09:10:22 -0500 Subject: [PATCH 207/356] chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#2091) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 02aea3a69..4a2072698 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@0225834cc549ee0ca93cb085b92954821a145866 # v2.3.5 + uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6 with: sarif_file: results.sarif From 5fb6688bcbeef2b7b1e1ed8a96d4eb7d172e5c1d Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 3 Jun 2023 23:40:50 +0900 Subject: [PATCH 208/356] chore(argo-workflows): Declare SSO configuration explicitly on values.yaml (#2089) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 4 +- charts/argo-workflows/README.md | 16 ++++- .../workflow-controller-config-map.yaml | 44 ++++++------- .../server/server-cluster-roles.yaml | 10 ++- charts/argo-workflows/values.yaml | 65 ++++++++++++------- 5 files changed, 82 insertions(+), 57 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6ac0cf5c5..8f899e6ca 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.28.2 +version: 0.29.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade to Argo Workflows v3.4.8 + description: Declare SSO configuration explicitly on values.yaml diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b5612a169..f46d10e08 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -302,7 +302,21 @@ Fields to note: | server.servicePort | int | `2746` | Service port for server | | server.servicePortName | string | `""` | Service port name | | server.serviceType | string | `"ClusterIP"` | Service type for server pods | -| server.sso | object | `{}` | SSO configuration when SSO is specified as a server auth mode. | +| server.sso.clientId.key | string | `"client-id"` | Key of secret to retrieve the app OIDC client ID | +| server.sso.clientId.name | string | `"argo-server-sso"` | Name of secret to retrieve the app OIDC client ID | +| server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | +| server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | +| server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | +| server.sso.enabled | bool | `false` | Create SSO configuration | +| server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | +| server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | +| server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | +| server.sso.rbac.enabled | bool | `true` | Adds ServiceAccount Policy to server (Cluster)Role. | +| server.sso.rbac.secretWhitelist | list | `[]` | Whitelist to allow server to fetch Secrets | +| server.sso.redirectUrl | string | `"https://argo/oauth2/callback"` | | +| server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | +| server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | +| server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d30db859c..ef39ddc7d 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -126,37 +126,35 @@ data: {{- if .Values.controller.workflowDefaults }} workflowDefaults: {{ toYaml .Values.controller.workflowDefaults | indent 6 }}{{- end }} - {{- with .Values.server.sso }} + {{- if .Values.server.sso.enabled }} sso: - issuer: {{ .issuer }} + issuer: {{ .Values.server.sso.issuer }} clientId: - name: {{ .clientId.name }} - key: {{ .clientId.key }} + name: {{ .Values.server.sso.clientId.name }} + key: {{ .Values.server.sso.clientId.key }} clientSecret: - name: {{ .clientSecret.name }} - key: {{ .clientSecret.key }} - redirectUrl: {{ .redirectUrl }} - {{- with .rbac }} + name: {{ .Values.server.sso.clientSecret.name }} + key: {{ .Values.server.sso.clientSecret.key }} + redirectUrl: {{ .Values.server.sso.redirectUrl }} rbac: - enabled: {{ .enabled }} + enabled: {{ .Values.server.sso.rbac.enabled }} + {{- with .Values.server.sso.scopes }} + scopes: {{ toYaml . | nindent 8 }} {{- end }} - {{- if .scopes }} - scopes: {{ toYaml .scopes | nindent 8 }} + {{- with .Values.server.sso.issuerAlias }} + issuerAlias: {{ toYaml . }} {{- end }} - {{- if .issuerAlias }} - issuerAlias: {{ .issuerAlias }} + {{- with .Values.server.sso.sessionExpiry }} + sessionExpiry: {{ toYaml . }} {{- end }} - {{- if .sessionExpiry }} - sessionExpiry: {{ .sessionExpiry }} + {{- with .Values.server.sso.customGroupClaimName }} + customGroupClaimName: {{ toYaml . }} {{- end }} - {{- if .customGroupClaimName }} - customGroupClaimName: {{ .customGroupClaimName }} + {{- with .Values.server.sso.userInfoPath }} + userInfoPath: {{ toYaml . }} {{- end }} - {{- if .userInfoPath }} - userInfoPath: {{ .userInfoPath }} - {{- end }} - {{- if .insecureSkipVerify }} - insecureSkipVerify: {{ .insecureSkipVerify }} + {{- with .Values.server.sso.insecureSkipVerify }} + insecureSkipVerify: {{ toYaml . }} {{- end }} {{- end }} {{- with .Values.controller.workflowRestrictions }} @@ -184,4 +182,4 @@ data: {{- end }} {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 96f12bfa0..2a52d9567 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -38,7 +38,7 @@ rules: verbs: - get - list -{{- if .Values.server.sso }} +{{- if .Values.server.sso.enabled }} - apiGroups: - "" resources: @@ -54,7 +54,7 @@ rules: - secrets verbs: - create - {{- if .Values.server.sso.rbac }} + {{- if .Values.server.sso.rbac.enabled }} - apiGroups: - "" resources: @@ -73,11 +73,9 @@ rules: - get - list - watch -{{- if .Values.server.sso }} - {{- if .Values.server.sso.rbac }} - {{- with .Values.server.sso.rbac.secretWhitelist }} +{{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} + {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} - {{- end }} {{- end }} {{- end }} - apiGroups: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index b65fd4f87..64a81d927 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -618,35 +618,50 @@ server: # -- Give the server permissions to edit ClusterWorkflowTemplates. enableEditing: true - # -- SSO configuration when SSO is specified as a server auth mode. - sso: {} - ## All the values are required. SSO is activated by adding --auth-mode=sso - ## to the server command line. - # - ## The root URL of the OIDC identity provider. - # issuer: https://accounts.google.com - ## Name of a secret and a key in it to retrieve the app OIDC client ID from. - # clientId: - # name: argo-server-sso - # key: client-id - ## Name of a secret and a key in it to retrieve the app OIDC client secret from. - # clientSecret: - # name: argo-server-sso - # key: client-secret - ## The OIDC redirect URL. Should be in the form /oauth2/callback. - # redirectUrl: https://argo/oauth2/callback - # rbac: - # enabled: true + # SSO configuration when SSO is specified as a server auth mode. + sso: + # -- Create SSO configuration + ## SSO is activated by adding --auth-mode=sso to the server command line. + enabled: false + # -- The root URL of the OIDC identity provider + issuer: https://accounts.google.com + clientId: + # -- Name of secret to retrieve the app OIDC client ID + name: argo-server-sso + # -- Key of secret to retrieve the app OIDC client ID + key: client-id + clientSecret: + # -- Name of a secret to retrieve the app OIDC client secret + name: argo-server-sso + # -- Key of a secret to retrieve the app OIDC client secret + key: client-secret + # - The OIDC redirect URL. Should be in the form /oauth2/callback. + redirectUrl: https://argo/oauth2/callback + rbac: + # -- Adds ServiceAccount Policy to server (Cluster)Role. + enabled: true + # -- Whitelist to allow server to fetch Secrets ## When present, restricts secrets the server can read to a given list. ## You can use it to restrict the server to only be able to access the ## service account token secrets that are associated with service accounts ## used for authorization. - # secretWhitelist: [] - ## Scopes requested from the SSO ID provider. The 'groups' scope requests - ## group membership information, which is usually used for authorization - ## decisions. - # scopes: - # - groups + secretWhitelist: [] + # -- Scopes requested from the SSO ID provider + ## The 'groups' scope requests group membership information, which is usually used for authorization decisions. + scopes: [] + # - groups + # -- Define how long your login is valid for (in hours) + ## If omitted, defaults to 10h. + sessionExpiry: "" + # -- Alternate root URLs that can be included for some OIDC providers + issuerAlias: "" + # -- Override claim name for OIDC groups + customGroupClaimName: "" + # -- Specify the user info endpoint that contains the groups claim + ## Configure this if your OIDC provider provides groups information only using the user-info endpoint (e.g. Okta) + userInfoPath: "" + # -- Skip TLS verification for the HTTP client + insecureSkipVerify: false # -- Extra containers to be added to the server deployment extraContainers: [] From 3a7e4b1de7908a39cb979358d1562daa582cde2c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 4 Jun 2023 20:07:40 +0900 Subject: [PATCH 209/356] feat(argo-rollouts): Support Traffic Router Plugins (#2090) Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/configmap.yaml | 3 +++ charts/argo-rollouts/values.yaml | 7 +++++++ 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0acb2c64e..671754697 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.30.1 +version: 2.31.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Missing get access for configmaps in argo rollouts dashboard service account role + description: Support Traffic Router Plugins diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index a7f8a0607..5add40c3e 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -111,6 +111,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.resources | object | `{}` | Resource limits and requests for the controller pods. | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the controller | +| controller.trafficRouterPlugins | object | `{}` | Configures 3rd party traffic router plugins for controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to add to the controller container | | controller.volumes | list | `[]` | Additional volumes to add to the controller pod | | podAnnotations | object | `{}` | Annotations for the all deployed pods | diff --git a/charts/argo-rollouts/templates/controller/configmap.yaml b/charts/argo-rollouts/templates/controller/configmap.yaml index 8eb2bbe2a..1978b2b62 100644 --- a/charts/argo-rollouts/templates/controller/configmap.yaml +++ b/charts/argo-rollouts/templates/controller/configmap.yaml @@ -10,3 +10,6 @@ data: {{- with .Values.controller.metricProviderPlugins }} {{- toYaml . | nindent 2 }} {{- end }} + {{- with .Values.controller.trafficRouterPlugins }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index 6a533eaf8..b81ee53a9 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -194,6 +194,13 @@ controller: # - name: "argoproj-labs/sample-prometheus" # name of the plugin, it must match the name required by the plugin so that it can find its configuration # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + # -- Configures 3rd party traffic router plugins for controller + ## Ref: https://argo-rollouts.readthedocs.io/en/stable/features/traffic-management/plugins/ + trafficRouterPlugins: {} + # trafficRouterPlugins: |- + # - name: "argoproj-labs/sample-nginx" # name of the plugin, it must match the name required by the plugin so it can find it's configuration + # location: "file://./my-custom-plugin" # supports http(s):// urls and file:// + serviceAccount: # -- Specifies whether a service account should be created create: true From 5771a0697794f592a10eae3215981205a3077e98 Mon Sep 17 00:00:00 2001 From: Alexandre Joris Date: Mon, 5 Jun 2023 16:15:07 +0200 Subject: [PATCH 210/356] fix(argo-workflows): Fixed gcs keyFormat template example in values.yaml (#2085) * fix(argo-workflows): #2073: Fixed gcs keyFormat template example in values.yaml Signed-off-by: Alexandre Joris * bumped chart version to v0.28.3 ; added artifacthub.io/changes changelog Signed-off-by: Alexandre Joris * fixed Chart.yaml trailing spaces Signed-off-by: Alexandre Joris * chore(deps): bump pascalgn/size-label-action from 0.4.3 to 0.5.0 (#2092) Signed-off-by: Alexandre Joris * chore(deps): bump github/codeql-action from 2.3.5 to 2.3.6 (#2091) Signed-off-by: Alexandre Joris * chore(argo-workflows): Declare SSO configuration explicitly on values.yaml (#2089) Signed-off-by: yu-croco Co-authored-by: Jason Meridth Signed-off-by: Alexandre Joris * feat(argo-rollouts): Support Traffic Router Plugins (#2090) Signed-off-by: yu-croco Co-authored-by: Jason Meridth Signed-off-by: Alexandre Joris --------- Signed-off-by: Alexandre Joris Signed-off-by: yu-croco Signed-off-by: Alexandre Joris Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 8f899e6ca..44ba18996 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.0 +version: 0.29.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Declare SSO configuration explicitly on values.yaml + - kind: fixed + description: Fixed GCS keyFormat template example in values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 64a81d927..8c442d97f 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -724,7 +724,7 @@ artifactRepository: # @default -- `{}` (See [values.yaml]) gcs: {} # bucket: -argo - # keyFormat: "{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}" + # keyFormat: "{{ \"{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}\" }}" # serviceAccountKeySecret is a secret selector. # It references the k8s secret named 'my-gcs-credentials'. # This secret is expected to have have the key 'serviceAccountKey', From a6a7468973946d00533ecbb07db7e475382333e3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 5 Jun 2023 23:28:10 +0900 Subject: [PATCH 211/356] chore(argo-cd): Upgrade supported Kubernetes version to v1.23.0 (#2087) * chore(argo-cd): Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL Signed-off-by: yu-croco * chore(argo-cd): modify changelog Signed-off-by: yu-croco * fix(argo-cd): simpler description Signed-off-by: yu-croco * fix(argo-cd): reflect review point Signed-off-by: yu-croco --------- Signed-off-by: yu-croco Co-authored-by: Jason Meridth --- charts/argo-cd/Chart.yaml | 8 ++++---- charts/argo-cd/README.md | 8 +++++++- charts/argo-cd/README.md.gotmpl | 7 +++++++ 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 0f570ca38..5be3308fa 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 appVersion: v2.7.3 -kubeVersion: ">=1.22.0-0" +kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.34.6 +version: 5.35.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Option to set appProtocol for Argocd server https service port + - kind: changed + description: Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 1fa388ed5..bd3796fc4 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.35.0 +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. + +Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. + ### 5.31.0 The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. @@ -356,7 +361,7 @@ server: ## Prerequisites -- Kubernetes: `>=1.22.0-0` +- Kubernetes: `>=1.23.0-0` - Helm v3.0.0+ ## Installing the Chart @@ -1215,3 +1220,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 +[EKS EoL]: https://endoflife.date/amazon-eks diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 92d7f354a..6b5efffce 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -104,6 +104,12 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.35.0 +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. + +Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. + + ### 5.31.0 The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. @@ -552,3 +558,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 +[EKS EoL]: https://endoflife.date/amazon-eks From 2538371fecba8e3bc7a161f6484e3d752f71d1e1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 6 Jun 2023 13:34:59 +0900 Subject: [PATCH 212/356] chore(argo-cd): Upgrade Argo CD to v2.7.4 (#2095) --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/values.yaml | 5 ++++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5be3308fa..b6dfe773a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.3 +appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.35.0 +version: 5.35.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade supported Kubernetes version to 1.23.0 due to Amazon EKS EoL + description: Upgrade Argo CD to v2.7.4 + - kind: added + description: Update knownHosts diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index cbe46d2e2..531b2360c 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -315,8 +315,11 @@ configs: # -- Known hosts to be added to the known host list by default. # @default -- See [values.yaml] knownHosts: | - bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO + [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= + [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl + [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= + bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl From 49c2ca254826742217167ba2d0147a6eea562144 Mon Sep 17 00:00:00 2001 From: Joe Lee Date: Wed, 7 Jun 2023 16:52:02 +0800 Subject: [PATCH 213/356] feat(argo-cd): Add "global.env" for all deployed containers (#2096) * add global env for argo-cd Signed-off-by: Joe Lee * update readme Signed-off-by: Joe Lee * fix typo Signed-off-by: Joe Lee * feat(argo-cd): Add "global.env" for all deployed containers Signed-off-by: Joe Lee * update doc Signed-off-by: Joe Lee * remove note Signed-off-by: Joe Lee * update changes Signed-off-by: Joe Lee --------- Signed-off-by: Joe Lee --- charts/argo-cd/Chart.yaml | 6 ++---- charts/argo-cd/README.md | 1 + .../argocd-application-controller/statefulset.yaml | 2 +- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 2 +- .../argo-cd/templates/argocd-notifications/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 2 +- charts/argo-cd/templates/argocd-server/deployment.yaml | 2 +- charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/templates/redis/deployment.yaml | 4 ++-- charts/argo-cd/values.yaml | 3 +++ 10 files changed, 14 insertions(+), 12 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b6dfe773a..1c26de8d9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.35.1 +version: 5.36.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.4 - kind: added - description: Update knownHosts + description: Add .Values.global.env for all deployed containers diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bd3796fc4..f5a6a8865 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -407,6 +407,7 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | +| global.env | list | `[]` | Environment variables to pass to all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 26b9d2f59..b671e245a 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -99,7 +99,7 @@ spec: imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.controller.image.imagePullPolicy }} name: {{ .Values.controller.name }} env: - {{- with .Values.controller.env }} + {{- with (concat .Values.global.env .Values.controller.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_CONTROLLER_REPLICAS diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index f3ce127a2..3ae8410c9 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -79,7 +79,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} env: - {{- with .Values.applicationSet.extraEnv }} + {{- with (concat .Values.global.env .Values.applicationSet.extraEnv) }} {{- toYaml . | nindent 12 }} {{- end }} - name: NAMESPACE diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d3f21b02a..8df6c8bb1 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,7 +66,7 @@ spec: {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - {{- with .Values.notifications.extraEnv }} + {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} env: {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 759dc587b..f438c8b57 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -77,7 +77,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.repoServer.env }} + {{- with (concat .Values.global.env .Values.repoServer.env) }} {{- toYaml . | nindent 10 }} {{- end }} {{- if .Values.openshift.enabled }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index 62436af7f..cc9289812 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -74,7 +74,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.server.env }} + {{- with (concat .Values.global.env .Values.server.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_SERVER_INSECURE diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index c623315f7..ce9741d2b 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -70,7 +70,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} env: - {{- with .Values.dex.env }} + {{- with (concat .Values.global.env .Values.dex.env) }} {{- toYaml . | nindent 10 }} {{- end }} - name: ARGOCD_DEX_SERVER_DISABLE_TLS diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index bfe7c4807..ffdaed888 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -61,7 +61,7 @@ spec: {{- with .Values.redis.extraArgs }} {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.redis.env }} + {{- with (concat .Values.global.env .Values.redis.env) }} env: {{- toYaml . | nindent 8 }} {{- end }} @@ -92,7 +92,7 @@ spec: value: {{ printf "redis://localhost:%v" .Values.redis.containerPorts.redis }} - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: {{ printf "0.0.0.0:%v" .Values.redis.containerPorts.metrics }} - {{- with .Values.redis.exporter.env }} + {{- with (concat .Values.global.env .Values.redis.exporter.env) }} {{- toYaml . | nindent 8 }} {{- end }} ports: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 531b2360c..c2dd9b525 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -144,6 +144,9 @@ global: # maxSurge: 25% # maxUnavailable: 25% + # -- Environment variables to pass to all deployed Deployments + env: [] + ## Argo Configs configs: # General Argo CD configuration From e7c3090cbfee94128f42568b749a36a38296a6ab Mon Sep 17 00:00:00 2001 From: Simon Hewitt Date: Wed, 7 Jun 2023 20:48:05 -0700 Subject: [PATCH 214/356] feat(argo-workflows): Add support for UI columns configuration (#2098) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 2 ++ charts/argo-workflows/README.md.gotmpl | 1 + .../controller/workflow-controller-config-map.yaml | 3 +++ charts/argo-workflows/values.yaml | 3 +++ 5 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 44ba18996..5cfc70f72 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.1 +version: 0.29.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed GCS keyFormat template example in values.yaml + - kind: added + description: Add support for UI columns configuration diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index f46d10e08..6a19bba09 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -134,6 +134,7 @@ Fields to note: |-----|------|---------|-------------| | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | +| controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -357,6 +358,7 @@ Fields to note: [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ +[columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index ab8554f51..8316e9a0a 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -191,6 +191,7 @@ Fields to note: [BackendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig#backendconfigspec_v1beta1_cloudgooglecom [FrontendConfigSpec]: https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features#configuring_ingress_features_through_frontendconfig_parameters [links]: https://argoproj.github.io/argo-workflows/links/ +[columns]: https://github.com/argoproj/argo-workflows/pull/10693 [Node selector]: https://kubernetes.io/docs/user-guide/node-selection/ [Pod Disruption Budget]: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ [probe]: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index ef39ddc7d..22033e4cd 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -163,6 +163,9 @@ data: {{- with .Values.controller.links }} links: {{- toYaml . | nindent 6 }} {{- end }} + {{- with .Values.controller.columns }} + columns: {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.controller.navColor }} navColor: {{ . }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8c442d97f..410ce958d 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -305,6 +305,9 @@ controller: # -- Configure Argo Server to show custom [links] ## Ref: https://argoproj.github.io/argo-workflows/links/ links: [] + # -- Configure Argo Server to show custom [columns] + ## Ref: https://github.com/argoproj/argo-workflows/pull/10693 + columns: [] # -- Set ui navigation bar background color navColor: "" clusterWorkflowTemplates: From 9a79f32cd488a97ee0f95d55da05eba397d4a2ad Mon Sep 17 00:00:00 2001 From: ausias-armesto Date: Fri, 9 Jun 2023 00:52:13 +0200 Subject: [PATCH 215/356] fix(argo-cd): Allow specify redis config file (#2100) * fix(argo-cd): Allow specify redis config file Signed-off-by: ausias-armesto * fix(argo-cd): Bump version Signed-off-by: ausias-armesto --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/redis/deployment.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1c26de8d9..aaf5fab26 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.0 +version: 5.36.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add .Values.global.env for all deployed containers + - kind: fixed + description: Allow to specify redis.conf file diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index ffdaed888..419e5f316 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -54,13 +54,13 @@ spec: image: {{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.redis.image.imagePullPolicy }} args: + {{- with .Values.redis.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} - --save - "" - --appendonly - "no" - {{- with .Values.redis.extraArgs }} - {{- toYaml . | nindent 8 }} - {{- end }} {{- with (concat .Values.global.env .Values.redis.env) }} env: {{- toYaml . | nindent 8 }} From f8f282266cf91b6e38c8ad42b837925234ff41cb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 22:41:04 +0900 Subject: [PATCH 216/356] chore(deps): bump actions/checkout from 3.5.2 to 3.5.3 (#2104) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e5e7e5ab8b370d6c329ec480221332ada57f0ab...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index b750cc2cf..c96b4b85f 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 58d7d22d5..c1d940259 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 4a2072698..f78b94664 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 with: persist-credentials: false From 04d88b65b633724646303b5a3562b74e85700c9c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 23:24:11 +0900 Subject: [PATCH 217/356] chore(deps): bump actions/labeler from 4.0.4 to 4.1.0 (#2103) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.0.4 to 4.1.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0776a679364a9a16110aac8d0f40f5e11009e327...9fcb2c2f5584144ca754f8bfe8c6f81e77753375) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 1b6d3699d..93cc6b018 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0776a679364a9a16110aac8d0f40f5e11009e327 # v4.0.4 + - uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 783439b71482bdf68ecefa92a349f337e6f2491f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 10 Jun 2023 23:27:52 +0900 Subject: [PATCH 218/356] chore(deps): bump github/codeql-action from 2.3.6 to 2.13.4 (#2102) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.6 to 2.13.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/83f0fe6c4988d98a455712a27f0255212bba9bd4...cdcdbb579706841c47f7063dda365e292e5cad7a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f78b94664..6cdcfd552 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@83f0fe6c4988d98a455712a27f0255212bba9bd4 # v2.3.6 + uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4 with: sarif_file: results.sarif From aec5d9d7230a53d1b1cb7651dfe6ff13feb2e2ee Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 16 Jun 2023 23:55:17 -0500 Subject: [PATCH 219/356] chore(argo-cd): upgrade argo-cd to v2.7.5 (#2108) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index aaf5fab26..4746db47b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.4 +appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.1 +version: 5.36.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Allow to specify redis.conf file + - kind: changed + description: Upgrade Argo CD to v2.7.5 From 68f24d146c3c08e64117d98e3d58a6f073ec27a5 Mon Sep 17 00:00:00 2001 From: Lukas Jost Date: Mon, 19 Jun 2023 05:31:38 +0200 Subject: [PATCH 220/356] chore(github): Generate release notes (#2115) chore: Generate release notes Signed-off-by: Lukas Jost --- .github/configs/cr.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/configs/cr.yaml b/.github/configs/cr.yaml index a0d425dca..154dbfbfb 100644 --- a/.github/configs/cr.yaml +++ b/.github/configs/cr.yaml @@ -6,3 +6,7 @@ sign: true key: Argo Helm maintainers # keyring: # Set via env variable CR_KEYRING # passphrase-file: # Set via env variable CR_PASSPHRASE_FILE + +# Enable automatic generation of release notes using GitHubs release notes generator. +# see: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes +generate-release-notes: true From eb968668f84c7fbffeeaf67e84f59e283338b0d8 Mon Sep 17 00:00:00 2001 From: patrickli-foxtel <123523506+patrickli-foxtel@users.noreply.github.com> Date: Tue, 20 Jun 2023 10:05:25 +1000 Subject: [PATCH 221/356] fix(argo-cd): helm lint error when `extraObjects` is defined (#2116) Fix helm lint error when `extraObjects` is defined Signed-off-by: Patrick Li --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/extra-manifests.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4746db47b..36e500d4b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.2 +version: 5.36.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.5 + - kind: fixed + description: Fix helm lint error when `extraObjects` is defined diff --git a/charts/argo-cd/templates/extra-manifests.yaml b/charts/argo-cd/templates/extra-manifests.yaml index f17b1a93b..fc9a76b88 100644 --- a/charts/argo-cd/templates/extra-manifests.yaml +++ b/charts/argo-cd/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From 7959fee689ec3a72df5c1d966044c3d93e8f414a Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 20 Jun 2023 22:07:27 +0900 Subject: [PATCH 222/356] chore(argo-cd): Add `app.kubernetes.io/version` label (#2122) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 36e500d4b..3afd19488 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.3 +version: 5.36.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix helm lint error when `extraObjects` is defined + - kind: added + description: Add `app.kubernetes.io/version` label diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index bf0c1e842..54423f999 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -46,6 +46,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd +app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} @@ -123,7 +124,7 @@ nodeAffinity: {{/* Common deployment strategy definition -- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite +- Recreate don't have additional fields, we need to remove them if added by the mergeOverwrite */}} {{- define "argo-cd.strategy" -}} {{- $preset := . -}} From db0484fe5182d81a91624eb5d3306d137f93433b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 21 Jun 2023 13:27:33 +0900 Subject: [PATCH 223/356] chore(argo-cd): Upgrade Argo CD to v2.7.6 (#2123) --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3afd19488..35494d4dd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.5 +appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.4 +version: 5.36.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add `app.kubernetes.io/version` label + - kind: changed + description: Upgrade Argo CD to v2.7.6 From c44f10eb379a620dcbdec8bf62d88bb1d62e4919 Mon Sep 17 00:00:00 2001 From: ceguimaraes <36728438+ceguimaraes@users.noreply.github.com> Date: Wed, 21 Jun 2023 22:41:34 +1000 Subject: [PATCH 224/356] fix(argo-events): add managed namespace configuration (#2121) --- charts/argo-events/Chart.yaml | 8 +++++--- charts/argo-events/README.md | 1 + .../templates/argo-events-controller/deployment.yaml | 4 ++++ charts/argo-events/values.yaml | 2 ++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index c35d0f960..bfb82ea11 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.7.6 +appVersion: v1.8.0 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.3.3 +version: 2.4.0 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -18,5 +18,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: changed + description: Upgrade Argo Events to v1.8.0 - kind: added - description: Introduce chart signing + description: Add managed namespace configuration diff --git a/charts/argo-events/README.md b/charts/argo-events/README.md index f06f9d3ac..0abf2c31c 100644 --- a/charts/argo-events/README.md +++ b/charts/argo-events/README.md @@ -127,6 +127,7 @@ done | controller.podLabels | object | `{}` | Labels to be added to events controller pods | | controller.priorityClassName | string | `""` | Priority class for the events controller pods | | controller.rbac.enabled | bool | `true` | Create events controller RBAC | +| controller.rbac.managedNamespace | string | `""` | Additional namespace to be monitored by the controller | | controller.rbac.namespaced | bool | `false` | Restrict events controller to operate only in a single namespace instead of cluster-wide scope. | | controller.rbac.rules | list | `[]` | Additional user rules for event controller's rbac | | controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | diff --git a/charts/argo-events/templates/argo-events-controller/deployment.yaml b/charts/argo-events/templates/argo-events-controller/deployment.yaml index 9b7ace1b9..a3614c732 100644 --- a/charts/argo-events/templates/argo-events-controller/deployment.yaml +++ b/charts/argo-events/templates/argo-events-controller/deployment.yaml @@ -48,6 +48,10 @@ spec: {{- if .Values.controller.rbac.namespaced }} - --namespaced {{- end }} + {{- if .Values.controller.rbac.managedNamespace }} + - --managed-namespace + - {{ .Values.controller.rbac.managedNamespace }} + {{- end }} {{- with .Values.controller.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 89a7323d7..faba6939b 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -138,6 +138,8 @@ controller: enabled: true # -- Restrict events controller to operate only in a single namespace instead of cluster-wide scope. namespaced: false + # -- Additional namespace to be monitored by the controller + managedNamespace: "" # -- Additional user rules for event controller's rbac rules: [] From b8c29f7db6ba38126551c1789a78763e702cde62 Mon Sep 17 00:00:00 2001 From: Tero Ahonen <85343093+teroahonen-vungle@users.noreply.github.com> Date: Wed, 21 Jun 2023 17:54:04 +0300 Subject: [PATCH 225/356] fix(argo-cd): Default applicationSet metrics port to 8085 (#2125) Change applicationSet controller metrics port to 8085 Signed-off-by: Tero Ahonen Co-authored-by: Tero Ahonen --- charts/argo-cd/Chart.yaml | 4 +++- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 35494d4dd..7c5c20e77 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.5 +version: 5.36.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -28,3 +28,5 @@ annotations: artifacthub.io/changes: | - kind: changed description: Upgrade Argo CD to v2.7.6 + - kind: changed + description: applicationSet.containerPorts.metrics to 8085 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index f5a6a8865..6d2e0b89d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | -| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | +| applicationSet.containerPorts.metrics | int | `8085` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c2dd9b525..2c3fe694e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2506,7 +2506,7 @@ applicationSet: # ApplicationSet controller container ports containerPorts: # -- Metrics container port - metrics: 8080 + metrics: 8085 # -- Probe container port probe: 8081 # -- Webhook container port From 172ce600a1d686d3de1ba4967a07a8bbe7c121f1 Mon Sep 17 00:00:00 2001 From: Marco Kilchhofer Date: Fri, 23 Jun 2023 15:59:14 +0200 Subject: [PATCH 226/356] fix(argo-cd): Revert "Default applicationSet metrics port to 8085" (#2130) Signed-off-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7c5c20e77..edb176c78 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.6 +version: 5.36.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.6 + description: Adapt `applicationSet.containerPorts.metrics` to 8080 (revert previous release) - kind: changed - description: applicationSet.containerPorts.metrics to 8085 + description: Adapt `applicationSet.metrics.service.servicePort` to 8080 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 6d2e0b89d..cde67925b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1044,7 +1044,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | applicationSet.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | applicationSet.certificate.secretName | string | `"argocd-application-controller-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | -| applicationSet.containerPorts.metrics | int | `8085` | Metrics container port | +| applicationSet.containerPorts.metrics | int | `8080` | Metrics container port | | applicationSet.containerPorts.probe | int | `8081` | Probe container port | | applicationSet.containerPorts.webhook | int | `7000` | Webhook container port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | @@ -1075,7 +1075,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels | | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | -| applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port | +| applicationSet.metrics.service.servicePort | int | `8080` | Metrics service port | | applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type | | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 2c3fe694e..d1687b539 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2433,7 +2433,7 @@ applicationSet: # -- Metrics service labels labels: {} # -- Metrics service port - servicePort: 8085 + servicePort: 8080 # -- Metrics service port name portName: http-metrics serviceMonitor: @@ -2506,7 +2506,7 @@ applicationSet: # ApplicationSet controller container ports containerPorts: # -- Metrics container port - metrics: 8085 + metrics: 8080 # -- Probe container port probe: 8081 # -- Webhook container port From 490ffa574c0917def580efafa94e810e28ce02cb Mon Sep 17 00:00:00 2001 From: frauniki Date: Sat, 24 Jun 2023 01:35:01 +0900 Subject: [PATCH 227/356] fix(argo-workflows): Change argo-workflows-server crb creation conditions (#2124) Change server's crb creation conditions Signed-off-by: frauniki Co-authored-by: Jason Meridth Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/templates/server/server-crb.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 5cfc70f72..331998be1 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.2 +version: 0.29.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for UI columns configuration + - kind: fixed + description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created diff --git a/charts/argo-workflows/templates/server/server-crb.yaml b/charts/argo-workflows/templates/server/server-crb.yaml index ec4f6435a..e8d6511de 100644 --- a/charts/argo-workflows/templates/server/server-crb.yaml +++ b/charts/argo-workflows/templates/server/server-crb.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.enabled .Values.server.serviceAccount.create .Values.server.rbac.create -}} +{{- if and .Values.server.enabled .Values.server.rbac.create -}} apiVersion: rbac.authorization.k8s.io/v1 {{- if .Values.singleNamespace }} kind: RoleBinding From 4ff88759c9acc9b0b77ffae239c9b6c88a552432 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 24 Jun 2023 08:18:56 -0500 Subject: [PATCH 228/356] chore(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#2131) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6cdcfd552..066d3c57e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3 + uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 with: results_file: results.sarif results_format: sarif From f1526ec558709387080e5967d1475f8e7d64eef7 Mon Sep 17 00:00:00 2001 From: toyamagu <83329336+toyamagu-2021@users.noreply.github.com> Date: Sun, 25 Jun 2023 07:28:46 +0900 Subject: [PATCH 229/356] fix(argo-workflows): artifactRepository will not be configured by default (#2132) (#2134) --- charts/argo-workflows/Chart.yaml | 4 +- .../ci/enable-artifact-repo-values.yaml | 46 +++++++++++++++++++ .../workflow-controller-config-map.yaml | 8 ++-- charts/argo-workflows/values.yaml | 22 ++++----- 4 files changed, 64 insertions(+), 16 deletions(-) create mode 100644 charts/argo-workflows/ci/enable-artifact-repo-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 331998be1..b12335a50 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.29.3 +version: 0.30.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Modify to allow ClusterRoleBinding to be created even if the server's ServiceAccount is not created + description: artifactRepository will not be configured by default diff --git a/charts/argo-workflows/ci/enable-artifact-repo-values.yaml b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml new file mode 100644 index 000000000..c20a57751 --- /dev/null +++ b/charts/argo-workflows/ci/enable-artifact-repo-values.yaml @@ -0,0 +1,46 @@ +# Test with artifact repository +crds: + keep: false + +useStaticCredentials: true +artifactRepository: + archiveLogs: false + s3: + accessKeySecret: + name: "{{ .Release.Name }}-minio" + key: accesskey + secretKeySecret: + name: "{{ .Release.Name }}-minio" + key: secretkey + insecure: false + bucket: + endpoint: + region: + roleARN: + useSDKCreds: true + encryptionOptions: + enableEncryption: true + gcs: + bucket: project-argo + keyFormat: "{{ `{{workflow.namespace}}/{{workflow.name}}/{{pod.name}}` }}" + serviceAccountKeySecret: + name: my-gcs-credentials + key: serviceAccountKey + azure: + endpoint: https://mystorageaccountname.blob.core.windows.net + container: my-container-name + blobNameFormat: path/in/container + useSDKCreds: true + accountKeySecret: + name: my-azure-storage-credentials + key: account-access-key + +customArtifactRepository: + artifactory: + repoUrl: https://artifactory.example.com/raw + usernameSecret: + name: artifactory-creds + key: username + passwordSecret: + name: artifactory-creds + key: password diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 22033e4cd..680b436fc 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -55,6 +55,7 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} + {{- if or .Values.artifactRepository.s3 .Values.artifactRepository.gcs .Values.artifactRepository.azure .Values.customArtifactRepository }} artifactRepository: {{- if .Values.artifactRepository.archiveLogs }} archiveLogs: {{ .Values.artifactRepository.archiveLogs }} @@ -65,7 +66,7 @@ data: {{- with .Values.artifactRepository.azure }} azure: {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} - {{- if and (not .Values.artifactRepository.gcs) (not .Values.artifactRepository.azure) }} + {{- if .Values.artifactRepository.s3 }} s3: {{- if .Values.useStaticCredentials }} accessKeySecret: @@ -95,8 +96,9 @@ data: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- if .Values.customArtifactRepository }} - {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- if .Values.customArtifactRepository }} + {{- toYaml .Values.customArtifactRepository | nindent 6 }} + {{- end }} {{- end }} {{- if .Values.controller.metricsConfig.enabled }} metricsConfig: diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 410ce958d..21970f438 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -705,17 +705,17 @@ artifactRepository: archiveLogs: false # -- Store artifact in a S3-compliant object store # @default -- See [values.yaml] - s3: - # Note the `key` attribute is not the actual secret, it's the PATH to - # the contents in the associated secret, as defined by the `name` attribute. - accessKeySecret: - name: "{{ .Release.Name }}-minio" - key: accesskey - secretKeySecret: - name: "{{ .Release.Name }}-minio" - key: secretkey - # insecure will disable TLS. Primarily used for minio installs not configured with TLS - insecure: false + s3: {} + # # Note the `key` attribute is not the actual secret, it's the PATH to + # # the contents in the associated secret, as defined by the `name` attribute. + # accessKeySecret: + # name: "{{ .Release.Name }}-minio" + # key: accesskey + # secretKeySecret: + # name: "{{ .Release.Name }}-minio" + # key: secretkey + # # insecure will disable TLS. Primarily used for minio installs not configured with TLS + # insecure: false # bucket: # endpoint: # region: From 4d0ae17c2f8e40c60e7775c5d21ddaabdc03380e Mon Sep 17 00:00:00 2001 From: Josh Baird Date: Mon, 26 Jun 2023 10:31:20 -0400 Subject: [PATCH 230/356] feat(argo-cd): Conditionally create the argocd-cmd-params-cm ConfigMap (#2129) * Add conditional for params cm. Signed-off-by: Josh Baird * Add value for create. Signed-off-by: Josh Baird * Update CHANGELOG. Signed-off-by: Josh Baird * Extra space. Signed-off-by: Josh Baird * Update docs. Signed-off-by: Josh Baird * Extra space. Signed-off-by: Josh Baird * Bump to 5.36.9 Signed-off-by: Josh Baird --------- Signed-off-by: Josh Baird --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/README.md | 1 + .../templates/argocd-configs/argocd-cmd-params-cm.yaml | 2 ++ charts/argo-cd/values.yaml | 4 ++++ 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index edb176c78..ee6d023c2 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.7 +version: 5.36.9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Adapt `applicationSet.containerPorts.metrics` to 8080 (revert previous release) - - kind: changed - description: Adapt `applicationSet.metrics.service.servicePort` to 8080 + - kind: added + description: Added `configs.params.create` value to the argo-cd chart diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index cde67925b..dbf3f0121 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -464,6 +464,7 @@ NAME: my-release | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | | configs.params."server.x.frame.options" | string | `"sameorigin"` | Set X-Frame-Options header in HTTP responses to value. To disable, set to "". | | configs.params.annotations | object | `{}` | Annotations to be added to the argocd-cmd-params-cm ConfigMap | +| configs.params.create | bool | `true` | Create the argocd-cmd-params-cm configmap If false, it is expected the configmap will be created by something else. | | configs.rbac."policy.csv" | string | `''` (See [values.yaml]) | File containing user-defined policies and role definitions. | | configs.rbac."policy.default" | string | `""` | The name of the default role which Argo CD will falls back to, when authorizing API requests (optional). If omitted or empty, users may be still be able to login, but will see no apps, projects, etc... | | configs.rbac.annotations | object | `{}` | Annotations to be added to argocd-rbac-cm configmap | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml index 18fead9bb..9d60d932f 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cmd-params-cm.yaml @@ -1,3 +1,4 @@ +{{- if .Values.configs.params.create }} apiVersion: v1 kind: ConfigMap metadata: @@ -13,3 +14,4 @@ metadata: {{- end }} data: {{- include "argo-cd.config.params" . | trim | nindent 2 }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d1687b539..c7129babf 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -217,6 +217,10 @@ configs: # Argo CD configuration parameters ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/argocd-cmd-params-cm.yaml params: + # -- Create the argocd-cmd-params-cm configmap + # If false, it is expected the configmap will be created by something else. + create: true + # -- Annotations to be added to the argocd-cmd-params-cm ConfigMap annotations: {} From 78e99e991119b5e982a0de6eea8c3609409033a5 Mon Sep 17 00:00:00 2001 From: Josh Baird Date: Mon, 26 Jun 2023 10:53:40 -0400 Subject: [PATCH 231/356] feat(argo-cd): Add support for configuring argo-notifications log level and format (#2127) * Add env vars for notification logging. Signed-off-by: Josh Baird * Indent. Signed-off-by: Josh Baird * Update CHANGELOG. Signed-off-by: Josh Baird * Bump chart version. Signed-off-by: Josh Baird * Remove extra line. Signed-off-by: Josh Baird * Bump to 5.6.38. Signed-off-by: Josh Baird --------- Signed-off-by: Josh Baird --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-notifications/deployment.yaml | 18 +++++++++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ee6d023c2..484611006 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.9 +version: 5.36.10 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added `configs.params.create` value to the argo-cd chart + description: Add `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL` and `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT` env vars to argo-notifications Deployment diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 8df6c8bb1..d2eca77f4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -66,10 +66,22 @@ spec: {{- range .Values.notifications.extraArgs }} - {{ . | squote }} {{- end }} - {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} env: - {{- toYaml . | nindent 12 }} - {{- end }} + {{- with (concat .Values.global.env .Values.notifications.extraEnv) }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.level + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT + valueFrom: + configMapKeyRef: + key: notificationscontroller.log.format + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} From 675803c02dc5390440b9b13a089b4ad45e7645bb Mon Sep 17 00:00:00 2001 From: dchien234 Date: Fri, 30 Jun 2023 00:02:15 +0800 Subject: [PATCH 232/356] fix(argo-cd): fix gRPC service target port (#2138) * fix(argo-cd): update grpc service to use proper targetPort Signed-off-by: d.chien * fix(argo-cd): update Chart changelog Signed-off-by: d.chien --------- Signed-off-by: d.chien --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/aws/service.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 484611006..d000da107 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.10 +version: 5.36.11 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL` and `ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT` env vars to argo-notifications Deployment + - kind: changed + description: Change `targetPort` to use proper `.Values.server.containerPorts.server` value in argo-cd/argo-server for grpc Service so that AWS ALB will not fail the health check for this extra Service. diff --git a/charts/argo-cd/templates/argocd-server/aws/service.yaml b/charts/argo-cd/templates/argocd-server/aws/service.yaml index 02c543d52..e9032f92b 100644 --- a/charts/argo-cd/templates/argocd-server/aws/service.yaml +++ b/charts/argo-cd/templates/argocd-server/aws/service.yaml @@ -13,11 +13,11 @@ spec: - name: {{ .Values.server.service.servicePortHttpName }} protocol: TCP port: {{ .Values.server.service.servicePortHttp }} - targetPort: server + targetPort: {{ .Values.server.containerPorts.server }} - name: {{ .Values.server.service.servicePortHttpsName }} protocol: TCP port: {{ .Values.server.service.servicePortHttps }} - targetPort: server + targetPort: {{ .Values.server.containerPorts.server }} selector: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }} sessionAffinity: None From 8213fc37c0a98a0479637d52d9730c4c4a62f7e5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Jul 2023 08:39:17 -0500 Subject: [PATCH 233/356] chore(deps): bump actions/labeler from 4.1.0 to 4.2.0 (#2140) --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 93cc6b018..18a87c50e 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@9fcb2c2f5584144ca754f8bfe8c6f81e77753375 # v4.1.0 + - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 7c3553de9d973594369389c5256235af455e79f2 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 2 Jul 2023 12:16:30 +0900 Subject: [PATCH 234/356] chore(argo-cd): Added note about Kubernetes Compatibility Matrix (#2141) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 3 +++ charts/argo-cd/README.md.gotmpl | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d000da107..eacaef396 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.11 +version: 5.36.12 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Change `targetPort` to use proper `.Values.server.containerPorts.server` value in argo-cd/argo-server for grpc Service so that AWS ALB will not fail the health check for this extra Service. + - kind: added + description: Added note about Kubernetes Compatibility Matrix diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index dbf3f0121..9c2d3c4a1 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -362,6 +362,8 @@ server: ## Prerequisites - Kubernetes: `>=1.23.0-0` + - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. + - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ ## Installing the Chart @@ -1223,3 +1225,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks +[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 6b5efffce..f1dea7f2d 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -363,6 +363,8 @@ server: ## Prerequisites - {{ template "chart.kubeVersionLine" . }} + - We align with [Amazon EKS calendar][EKS EoL] because there are many AWS users and it's a conservative approach. + - Please check [Support Matrix of Argo CD][Kubernetes Compatibility Matrix] for official info. - Helm v3.0.0+ ## Installing the Chart @@ -559,3 +561,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks +[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions From 167c112bcbbebfd4b0c18d38c9bbb063fab7f78b Mon Sep 17 00:00:00 2001 From: Elad Shmitanka Date: Sun, 2 Jul 2023 11:07:17 +0300 Subject: [PATCH 235/356] fix(argo-cd): Add usages to ArgoCD server certificate (#2143) --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-server/certificate.yaml | 4 ++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eacaef396..bec859df0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.12 +version: 5.36.13 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Added note about Kubernetes Compatibility Matrix + description: Support for setting server certificate usages diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 9c2d3c4a1..907cd0fe2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -688,6 +688,7 @@ NAME: my-release | server.certificate.privateKey.size | int | `2048` | Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. | | server.certificate.renewBefore | string | `""` (defaults to 360h = 15d if not specified) | How long before the expiry a certificate should be renewed. | | server.certificate.secretName | string | `"argocd-server-tls"` | The name of the Secret that will be automatically created and managed by this Certificate resource | +| server.certificate.usages | list | `[]` | Usages for the certificate | | server.certificateSecret.annotations | object | `{}` | Annotations to be added to argocd-server-tls secret | | server.certificateSecret.crt | string | `""` | Certificate data | | server.certificateSecret.enabled | bool | `false` | Create argocd-server-tls secret | diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index eec82ae6a..1ec9bb028 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -30,4 +30,8 @@ spec: privateKey: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.certificate.usages }} + usages: + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index c7129babf..63588ea9b 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1743,6 +1743,9 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Usages for the certificate + ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage + usages: [] # TLS certificate configuration via Secret ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server From b9f610e319ee725ac602303714b774c4cc7c1be8 Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Mon, 3 Jul 2023 19:55:01 +0200 Subject: [PATCH 236/356] fix(argo-cd): Update `argo-cd.strategy` template (#2144) - Convert `$preset.type` to string to prevent an "incompatible types for comparison" when no strategy are defined Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bec859df0..91e3285e4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.13 +version: 5.36.14 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support for setting server certificate usages + - kind: fixed + description: Update argo-cd.strategy template diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index 54423f999..f8c84c9c2 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -128,9 +128,9 @@ Common deployment strategy definition */}} {{- define "argo-cd.strategy" -}} {{- $preset := . -}} -{{- if (eq $preset.type "Recreate") }} +{{- if (eq (toString $preset.type) "Recreate") }} type: Recreate -{{- else if (eq $preset.type "RollingUpdate") }} +{{- else if (eq (toString $preset.type) "RollingUpdate") }} type: RollingUpdate {{- with $preset.rollingUpdate }} rollingUpdate: From 5c4506b4810eda6583cd89443903956d9c4df6ab Mon Sep 17 00:00:00 2001 From: Atkins Date: Tue, 4 Jul 2023 17:22:19 +0800 Subject: [PATCH 237/356] feat(argo-cd): remove necessary create entry in `argocd-cmd-params-cm` ConfigMap (#2146) fix(argo-cd): remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap Signed-off-by: Atkins Chang --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 91e3285e4..c84c0f907 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.14 +version: 5.36.15 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Update argo-cd.strategy template + description: Remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2338d1c03..2786d6ede 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -207,7 +207,7 @@ applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.r Merge Argo Params Configuration with Preset Configuration */}} {{- define "argo-cd.config.params" -}} -{{- $config := omit .Values.configs.params "annotations" }} +{{- $config := omit .Values.configs.params "create" "annotations" }} {{- $preset := include "argo-cd.config.params.presets" . | fromYaml | default dict -}} {{- range $key, $value := mergeOverwrite $preset $config }} {{ $key }}: {{ toString $value | toYaml }} From 5f55ef2c4cc16d4c91faaf1bdb7e0c1d7385435a Mon Sep 17 00:00:00 2001 From: Laurent Lavaud Date: Tue, 4 Jul 2023 16:07:03 +0200 Subject: [PATCH 238/356] feat(argo-cd): Update appset deployment template (#2145) - add cmd-params checksum annotation to the applicationSet deployment to trigger an automated rollout when changed. Signed-off-by: Laurent Lavaud Signed-off-by: Laurent Lavaud --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-applicationset/deployment.yaml | 5 +++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index c84c0f907..513438a5c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.36.15 +version: 5.37.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Remove necessary `create` entry in `argocd-cmd-params-cm` ConfigMap + - kind: added + description: add applicationSet deployment cmd-params checksum diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 3ae8410c9..0e00e28d4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -24,12 +24,13 @@ spec: {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }} template: metadata: - {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} annotations: + checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.applicationSet.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} - {{- end }} + {{- end }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }} From 5e5bad5262ecad870b70d73df2465182b1e86f3d Mon Sep 17 00:00:00 2001 From: Andre Krueger <32708635+1337andre@users.noreply.github.com> Date: Thu, 6 Jul 2023 10:25:47 +0200 Subject: [PATCH 239/356] chore(argo-cd): Upgrade Argo CD to v2.7.7 (#2147) Signed-off-by: Andre Krueger <32708635+1337andre@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 513438a5c..cbc97da17 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.6 +appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.37.0 +version: 5.37.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add applicationSet deployment cmd-params checksum + - kind: changed + description: Upgrade Argo CD to v2.7.7 From f858ab6cb3f880a05e7f3ba89c83408dd5d509eb Mon Sep 17 00:00:00 2001 From: shirtabachii Date: Sun, 9 Jul 2023 18:58:28 +0300 Subject: [PATCH 240/356] Create new workflow for copy Redis image to Quay --- .github/workflows/copy-redis-image.yml | 39 ++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/copy-redis-image.yml diff --git a/.github/workflows/copy-redis-image.yml b/.github/workflows/copy-redis-image.yml new file mode 100644 index 000000000..c0656d141 --- /dev/null +++ b/.github/workflows/copy-redis-image.yml @@ -0,0 +1,39 @@ +name: Copy Redis Image + +on: + push: + branches: + - argo-cd + +jobs: + copy: + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v2 + + - name: Extract Redis Image Tag from values.yaml + id: get_redis_image_tag + run: | + echo "VERSION=$(yq e .redis.image.tag ../../charts/argo-cd/values.yaml)" >> $GITHUB_ENV + + - name: Login to Quay + uses: docker/login-action@v1 + with: + registry: quay.io + username: ${{ secrets.QUAY_USER }} + password: ${{ secrets.QUAY_TOKEN }} + + - name: Install regctl + run: | + curl -Lo regctl https://github.com/regclient/regclient/releases/download/v0.5.0/regctl-linux-amd64 + chmod +x regctl + sudo mv regctl /usr/local/bin/ + + - name: Copy Redis Image + env: + SRC_IMAGE_REPO: public.ecr.aws/docker/library/redis + DST_IMAGE_REPO: quay.io/codefresh/redis + run: | + regctl image copy "${{ env.SRC_IMAGE_REPO }}":"${{ env.VERSION }}" "${{ env.DST_IMAGE_REPO }}":"${{ env.VERSION }}" --verbosity debug From 337f351a97410229e312622b83b3caa602549377 Mon Sep 17 00:00:00 2001 From: shirtabachii Date: Sun, 9 Jul 2023 19:00:12 +0300 Subject: [PATCH 241/356] Create new workflow for copy Redis image to Quay --- .github/workflows/copy-redis-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/copy-redis-image.yml b/.github/workflows/copy-redis-image.yml index c0656d141..a5d13d0b9 100644 --- a/.github/workflows/copy-redis-image.yml +++ b/.github/workflows/copy-redis-image.yml @@ -34,6 +34,6 @@ jobs: - name: Copy Redis Image env: SRC_IMAGE_REPO: public.ecr.aws/docker/library/redis - DST_IMAGE_REPO: quay.io/codefresh/redis + DST_IMAGE_REPO: quay.io/codefresh/redis-test run: | regctl image copy "${{ env.SRC_IMAGE_REPO }}":"${{ env.VERSION }}" "${{ env.DST_IMAGE_REPO }}":"${{ env.VERSION }}" --verbosity debug From 43a84e4074d7c3ca06cb4f777c64c86aa98ee838 Mon Sep 17 00:00:00 2001 From: shirtabachii Date: Sun, 9 Jul 2023 19:05:56 +0300 Subject: [PATCH 242/356] Create new workflow for copy Redis image to Quay --- .github/workflows/copy-redis-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/copy-redis-image.yml b/.github/workflows/copy-redis-image.yml index a5d13d0b9..dc9fcf382 100644 --- a/.github/workflows/copy-redis-image.yml +++ b/.github/workflows/copy-redis-image.yml @@ -3,7 +3,7 @@ name: Copy Redis Image on: push: branches: - - argo-cd + - argocd/cr-19101-copy-redis-image jobs: copy: From 34e3157c84e1d6b75fc59af2cd6637364ae43989 Mon Sep 17 00:00:00 2001 From: shirtabachii Date: Sun, 9 Jul 2023 19:08:36 +0300 Subject: [PATCH 243/356] Create new workflow for copy Redis image to Quay --- .github/workflows/copy-redis-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/copy-redis-image.yml b/.github/workflows/copy-redis-image.yml index dc9fcf382..57599f946 100644 --- a/.github/workflows/copy-redis-image.yml +++ b/.github/workflows/copy-redis-image.yml @@ -16,7 +16,7 @@ jobs: - name: Extract Redis Image Tag from values.yaml id: get_redis_image_tag run: | - echo "VERSION=$(yq e .redis.image.tag ../../charts/argo-cd/values.yaml)" >> $GITHUB_ENV + echo "VERSION=$(yq e .redis.image.tag charts/argo-cd/values.yaml)" >> $GITHUB_ENV - name: Login to Quay uses: docker/login-action@v1 @@ -36,4 +36,4 @@ jobs: SRC_IMAGE_REPO: public.ecr.aws/docker/library/redis DST_IMAGE_REPO: quay.io/codefresh/redis-test run: | - regctl image copy "${{ env.SRC_IMAGE_REPO }}":"${{ env.VERSION }}" "${{ env.DST_IMAGE_REPO }}":"${{ env.VERSION }}" --verbosity debug + regctl image copy ${{ env.SRC_IMAGE_REPO }}:${{ env.VERSION }} ${{ env.DST_IMAGE_REPO }}:${{ env.VERSION }} --verbosity debug From 4f6f25198e9ebb8085c3c2a561d6750205dcb0bd Mon Sep 17 00:00:00 2001 From: Venkata Mutyala Date: Mon, 10 Jul 2023 01:14:16 -0700 Subject: [PATCH 244/356] feat(argo-cd): upgrade dexIDP from 2.36.0 -> 2.37.0 (#2155) feat: upgrade dexIDP from 2.36.0 -> 2.37.0 Signed-off-by: Venkata Mutyala --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 2 +- charts/argo-cd/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index cbc97da17..32e6dfa66 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.37.1 +version: 5.38.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.7 + description: Upgrade dexidp from v2.36.0 to v2.37.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 907cd0fe2..51db48705 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -857,7 +857,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.36.0"` | Dex image tag | +| dex.image.tag | string | `"v2.37.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 63588ea9b..08f3404a0 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -928,7 +928,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.36.0 + tag: v2.37.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" From 3931c8e55b29be871ee2b5f461b93f8e3d2f4a0f Mon Sep 17 00:00:00 2001 From: shirtabachii Date: Mon, 10 Jul 2023 12:10:58 +0300 Subject: [PATCH 245/356] Create new workflow for copy Redis image to Quay --- .github/workflows/copy-redis-image.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/copy-redis-image.yml b/.github/workflows/copy-redis-image.yml index 57599f946..b2466032f 100644 --- a/.github/workflows/copy-redis-image.yml +++ b/.github/workflows/copy-redis-image.yml @@ -1,9 +1,5 @@ name: Copy Redis Image - -on: - push: - branches: - - argocd/cr-19101-copy-redis-image +on: pull_request jobs: copy: @@ -34,6 +30,6 @@ jobs: - name: Copy Redis Image env: SRC_IMAGE_REPO: public.ecr.aws/docker/library/redis - DST_IMAGE_REPO: quay.io/codefresh/redis-test + DST_IMAGE_REPO: quay.io/codefresh/redis run: | regctl image copy ${{ env.SRC_IMAGE_REPO }}:${{ env.VERSION }} ${{ env.DST_IMAGE_REPO }}:${{ env.VERSION }} --verbosity debug From 86ad9ce9a023fea68532695e7240fb013c4970a4 Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Mon, 10 Jul 2023 12:25:12 +0300 Subject: [PATCH 246/356] Rename copy-redis-image.yml to codefresh-copy-redis-image.yml Signed-off-by: ilia-medvedev-codefresh --- .../{copy-redis-image.yml => codefresh-copy-redis-image.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{copy-redis-image.yml => codefresh-copy-redis-image.yml} (100%) diff --git a/.github/workflows/copy-redis-image.yml b/.github/workflows/codefresh-copy-redis-image.yml similarity index 100% rename from .github/workflows/copy-redis-image.yml rename to .github/workflows/codefresh-copy-redis-image.yml From 5ec59e90fa8f03229b8c49fe6cf50fb79572b1bf Mon Sep 17 00:00:00 2001 From: gussan <83329336+toyamagu-2021@users.noreply.github.com> Date: Tue, 11 Jul 2023 21:07:08 +0900 Subject: [PATCH 247/356] feat(argo-workflows): Add support for artifactRepositoryRef (#2135) Signed-off-by: tomoki-yamaguchi Co-authored-by: Aikawa Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +- charts/argo-workflows/README.md | 1 + .../ci/enable-artifact-repo-ref.yaml | 41 ++++++++++++ .../artifact-repository-ref-cm.yaml | 19 ++++++ charts/argo-workflows/values.yaml | 63 ++++++++++++++++++- 5 files changed, 124 insertions(+), 6 deletions(-) create mode 100644 charts/argo-workflows/ci/enable-artifact-repo-ref.yaml create mode 100644 charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index b12335a50..ade0d8b5d 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.8 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.30.0 +version: 0.31.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: artifactRepository will not be configured by default + - kind: added + description: Add support for artifactRepositoryRef diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 6a19bba09..b445df25a 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -331,6 +331,7 @@ Fields to note: | artifactRepository.azure | object | `{}` (See [values.yaml]) | Store artifact in Azure Blob Storage | | artifactRepository.gcs | object | `{}` (See [values.yaml]) | Store artifact in a GCS object store | | artifactRepository.s3 | object | See [values.yaml] | Store artifact in a S3-compliant object store | +| artifactRepositoryRef | object | `{}` (See [values.yaml]) | The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). Each map key is the name of configmap | | customArtifactRepository | object | `{}` | The section of custom artifact repository. Utilize a custom artifact repository that is not one of the current base ones (s3, gcs, azure) | | useStaticCredentials | bool | `true` | Use static credentials for S3 (eg. when not using AWS IRSA) | diff --git a/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml b/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml new file mode 100644 index 000000000..54c6c5236 --- /dev/null +++ b/charts/argo-workflows/ci/enable-artifact-repo-ref.yaml @@ -0,0 +1,41 @@ +artifactRepositoryRef: + # 1st ConfigMap + artifact-repositories: + annotations: + workflows.argoproj.io/default-artifact-repository: default-v1-s3-artifact-repository + # 1st data + default-v1-s3-artifact-repository: + archiveLogs: true + s3: + bucket: my-bucket + endpoint: minio:9000 + insecure: true + accessKeySecret: + name: my-minio-cred + key: accesskey + secretKeySecret: + name: my-minio-cred + key: secretkey + # 2nd data + oss-artifact-repository: + archiveLogs: false + oss: + endpoint: http://oss-cn-zhangjiakou-internal.aliyuncs.com + bucket: $mybucket + accessKeySecret: + name: $mybucket-credentials + key: accessKey + secretKeySecret: + name: $mybucket-credentials + key: secretKey + # 2nd ConfigMap + another-artifact-repositories: + annotations: + workflows.argoproj.io/default-artifact-repository: gcs + gcs: + archiveLogs: false + bucket: my-bucket + keyFormat: prefix/in/bucket/{{workflow.name}}/{{pod.name}} + serviceAccountKeySecret: + name: my-gcs-credentials + key: serviceAccountKey diff --git a/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml new file mode 100644 index 000000000..ce7cd55b4 --- /dev/null +++ b/charts/argo-workflows/templates/controller/artifact-repository-ref-cm.yaml @@ -0,0 +1,19 @@ +{{- range $cm_name, $cm_val := .Values.artifactRepositoryRef }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $cm_name }} + namespace: {{ $.Release.Namespace | quote }} + labels: + {{- include "argo-workflows.labels" (dict "context" $ "component" $.Values.controller.name "name" $cm_name) | nindent 4 }} + {{- with $cm_val.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +data: + {{- range $data_key, $data_val := (omit $cm_val "annotations") }} + {{- $data_key | nindent 2 }}: | + {{- toYaml $data_val | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 21970f438..cd992c100 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -161,9 +161,13 @@ controller: # Only valid for 2.7+ ## See more: https://argoproj.github.io/argo-workflows/default-workflow-specs/ workflowDefaults: {} - # spec: - # ttlStrategy: - # secondsAfterCompletion: 84600 + # spec: + # ttlStrategy: + # secondsAfterCompletion: 84600 + # # Ref: https://argoproj.github.io/argo-workflows/artifact-repository-ref/ + # artifactRepositoryRef: + # configMap: my-artifact-repository # default is "artifact-repositories" + # key: v2-s3-artifact-repository # default can be set by the `workflows.argoproj.io/default-artifact-repository` annotation in config map. # -- Number of workflow workers workflowWorkers: # 32 @@ -770,6 +774,59 @@ customArtifactRepository: {} # name: artifactory-creds # key: password +# -- The section of [artifact repository ref](https://argoproj.github.io/argo-workflows/artifact-repository-ref/). +# Each map key is the name of configmap +# @default -- `{}` (See [values.yaml]) +artifactRepositoryRef: {} + # # -- 1st ConfigMap + # # If you want to use this config map by default, name it "artifact-repositories". + # # Otherwise, you can provide a reference to a + # # different config map in `artifactRepositoryRef.configMap`. + # artifact-repositories: + # # -- v3.0 and after - if you want to use a specific key, put that key into this annotation. + # annotations: + # workflows.argoproj.io/default-artifact-repository: default-v1-s3-artifact-repository + # # 1st data of configmap. See above artifactRepository or customArtifactRepository. + # default-v1-s3-artifact-repository: + # archiveLogs: false + # s3: + # bucket: my-bucket + # endpoint: minio:9000 + # insecure: true + # accessKeySecret: + # name: my-minio-cred + # key: accesskey + # secretKeySecret: + # name: my-minio-cred + # key: secretkey + # # 2nd data + # oss-artifact-repository: + # archiveLogs: false + # oss: + # endpoint: http://oss-cn-zhangjiakou-internal.aliyuncs.com + # bucket: $mybucket + # # accessKeySecret and secretKeySecret are secret selectors. + # # It references the k8s secret named 'bucket-workflow-artifect-credentials'. + # # This secret is expected to have have the keys 'accessKey' + # # and 'secretKey', containing the base64 encoded credentials + # # to the bucket. + # accessKeySecret: + # name: $mybucket-credentials + # key: accessKey + # secretKeySecret: + # name: $mybucket-credentials + # key: secretKey + # # 2nd ConfigMap + # another-artifact-repositories: + # annotations: + # workflows.argoproj.io/default-artifact-repository: gcs + # gcs: + # bucket: my-bucket + # keyFormat: prefix/in/bucket/{{workflow.name}}/{{pod.name}} + # serviceAccountKeySecret: + # name: my-gcs-credentials + # key: serviceAccountKey + emissary: # -- The command/args for each image on workflow, needed when the command is not specified and the emissary executor is used. ## See more: https://argoproj.github.io/argo-workflows/workflow-executors/#emissary-emissary From 2fb60497519698eda8f217bf9fd3534b85c1704e Mon Sep 17 00:00:00 2001 From: Amit Ben Ami Date: Tue, 11 Jul 2023 16:01:02 +0300 Subject: [PATCH 248/356] feat(argo-cd): adding annotations option for `Certificate` (#2156) * feat(certificate): adding annotations options for the `Certificate` resources Signed-off-by: Amit Ben Ami * feat: bumping the chart version Signed-off-by: Amit Ben Ami --------- Signed-off-by: Amit Ben Ami Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 3 +++ .../templates/argocd-applicationset/certificate.yaml | 6 ++++++ charts/argo-cd/templates/argocd-server/certificate.yaml | 6 ++++++ charts/argo-cd/values.yaml | 7 +++++++ 5 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 32e6dfa66..d0fcc0450 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.0 +version: 5.38.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade dexidp from v2.36.0 to v2.37.0 + - kind: added + description: Adding the option to set `annotations` for `Certificate` resources diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 51db48705..048a62e9d 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -407,6 +407,7 @@ NAME: my-release | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity | | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` | | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | +| global.certificateAnnotations | object | `{}` | Annotations for the all deployed Certificates | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | | global.env | list | `[]` | Environment variables to pass to all deployed Deployments | @@ -676,6 +677,7 @@ NAME: my-release | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | | server.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| server.certificate.annotations | object | `{}` | Annotations to be applied to the Server Certificate | | server.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | server.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | @@ -1036,6 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | applicationSet.args | object | `{}` | DEPRECATED - ApplicationSet controller command line flags | | applicationSet.certificate.additionalHosts | list | `[]` | Certificate Subject Alternate Names (SANs) | +| applicationSet.certificate.annotations | object | `{}` | Annotations to be applied to the ApplicationSet Certificate | | applicationSet.certificate.domain | string | `"argocd.example.com"` | Certificate primary domain (commonName) | | applicationSet.certificate.duration | string | `""` (defaults to 2160h = 90d if not specified) | The requested 'duration' (i.e. lifetime) of the certificate. | | applicationSet.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) | diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index 505a70fc8..f3b7d5d15 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -2,6 +2,12 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.applicationSet.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 1ec9bb028..716c38ea1 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -2,6 +2,12 @@ apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} kind: Certificate metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} labels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 08f3404a0..b6216977e 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -147,6 +147,9 @@ global: # -- Environment variables to pass to all deployed Deployments env: [] + # -- Annotations for the all deployed Certificates + certificateAnnotations: {} + ## Argo Configs configs: # General Argo CD configuration @@ -1743,6 +1746,8 @@ server: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Annotations to be applied to the Server Certificate + annotations: {} # -- Usages for the certificate ### Ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.KeyUsage usages: [] @@ -2681,6 +2686,8 @@ applicationSet: algorithm: RSA # -- Key bit size of the private key. If algorithm is set to `Ed25519`, size is ignored. size: 2048 + # -- Annotations to be applied to the ApplicationSet Certificate + annotations: {} ## Notifications controller notifications: From 047ba6b24df9977ec773ca5cf0f00a70565e5c06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Sell=C3=A9s=20Rosa?= <1088313+Fsero@users.noreply.github.com> Date: Tue, 11 Jul 2023 17:39:35 +0200 Subject: [PATCH 249/356] feat(argocd-apps): add permitOnlyProjectScopedClusters flag (#2149) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabián Sellés Rosa <1088313+Fsero@users.noreply.github.com> --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/projects.yaml | 3 +++ charts/argocd-apps/values.yaml | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index fc733b22f..8eeb0888c 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.2.0 +version: 1.3.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Rollout strategy for ApplicationSet + description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f747d1b61..f4c273e8a 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -22,6 +22,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- with .permitOnlyProjectScopedClusters }} + permitOnlyProjectScopedClusters: {{ . }} + {{- end }} description: {{ .description }} {{- with .sourceRepos }} sourceRepos: diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 500849df7..0c329dfe3 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -48,6 +48,7 @@ projects: [] # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} +# permitOnlyProjectScopedClusters: false # finalizers: # - resources-finalizer.argocd.argoproj.io # description: Example Project From 4d0a645607047a5bf84b36ae4f7c9f57bf179b27 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Tue, 11 Jul 2023 19:32:35 +0300 Subject: [PATCH 250/356] shorten chart version --- charts/argo-cd/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index db894848d..1ef99b803 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.0-cap-CR-18361-custom-instance-label kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.1-0-v2.7.0-cap-CR-18361-custom-instance-label +version: 5.38.1-1-cap-CR-18361 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: From e15b7b70185f56ae98b372eca367b437d6feb271 Mon Sep 17 00:00:00 2001 From: Angelo Ross Date: Thu, 13 Jul 2023 11:05:13 -0300 Subject: [PATCH 251/356] feat(argo-cd): Allow configuring Dex's init image resources separately (#2161) Allow configuring Dex's init image resources separately Signed-off-by: Angelo Ross --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/dex/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 9 +++++++++ 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index d0fcc0450..bd9a8de46 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.1 +version: 5.39.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Adding the option to set `annotations` for `Certificate` resources + description: Allow configuring Dex's init image resources separately diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 048a62e9d..deaad2ba2 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -864,6 +864,7 @@ server: | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | +| dex.initImage.resources | object | `{}` (defaults to dex.resources) | Argo CD init image resources | | dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | | dex.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Dex >= 2.28.0 | | dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index ce9741d2b..abca6e142 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -149,7 +149,7 @@ spec: - mountPath: /tmp name: dexconfig resources: - {{- toYaml .Values.dex.resources | nindent 10 }} + {{- toYaml (default .Values.dex.resources .Values.dex.initImage.resources) | nindent 10 }} {{- with .Values.dex.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b6216977e..83ecff3eb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -951,6 +951,15 @@ dex: # -- Argo CD init image imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Argo CD init image resources + # @default -- `{}` (defaults to dex.resources) + resources: {} + # requests: + # cpu: 5m + # memory: 96Mi + # limits: + # cpu: 10m + # memory: 144Mi # -- Environment variables to pass to the Dex server env: [] From a7b65a37f999dc4c647611f1311c55eee16318e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:37:43 +0900 Subject: [PATCH 252/356] chore(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (#2163) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/fa81e57adff234b2908110485695db0f181f3c67...dda0770415bac9fc20092cacbc54aa298604d140) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c96b4b85f..c7c22af1a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 + uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml From 3821d6309fb480143b833f2a68034a51630ead9e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:39:22 +0900 Subject: [PATCH 253/356] chore(deps): bump actions/labeler from 4.2.0 to 4.3.0 (#2164) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0967ca812e7fdc8f5f71402a1b486d5bd061fe20...ac9175f8a1f3625fd0d4fb234536d26811351594) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/pr-sizing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 18a87c50e..d22ac7503 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 + - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" From 6dab4fa326a1beb1a468ac5d4eb69aabd0942587 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 15:53:14 +0900 Subject: [PATCH 254/356] chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#2165) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/bd6b4b6205c4dbad673328db7b31b7fab9e241c0...61a6322f88396a6271a6ee3565807d608ecaddd1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c7c22af1a..bd8d22554 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 + uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: 3.9 From e053486fab0d0363e631d0742779d0af79a97b15 Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Mon, 17 Jul 2023 11:56:13 +0200 Subject: [PATCH 255/356] fix(argo-cd): Ensure `app.kubernetes.io/version` label is valid (#2148) Signed-off-by: Mathieu Parent --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_common.tpl | 9 ++++++++- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bd9a8de46..b87afdd3a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.39.0 +version: 5.39.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Allow configuring Dex's init image resources separately + - kind: fixed + description: Ensure `app.kubernetes.io/version` label is valid diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f8c84c9c2..4173876c6 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -38,6 +38,13 @@ Create Argo CD app version {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} +{{/* +Return valid version label +*/}} +{{- define "argo-cd.versionLabelValue" -}} +{{ regexReplaceAll "[^-A-Za-z0-9_.]" (include "argo-cd.defaultTag" .) "-" | trunc 63 | trimAll "-" | trimAll "_" | trimAll "." | quote }} +{{- end -}} + {{/* Common labels */}} @@ -46,7 +53,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd -app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} +app.kubernetes.io/version: {{ include "argo-cd.versionLabelValue" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} From afccb2e5d469c61b327d6f47001297b5ba079422 Mon Sep 17 00:00:00 2001 From: Zach Swanson <1272954+zswanson@users.noreply.github.com> Date: Mon, 17 Jul 2023 08:20:47 -0400 Subject: [PATCH 256/356] feat(argo-cd): allow configurable hpa metrics (#2166) * allow configurable HPA metrics Signed-off-by: Zach Swanson * update docs Signed-off-by: Zach Swanson * Update chart version and changelog Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson * Fix values/readme reference to repo server Signed-off-by: Zach Swanson --------- Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson <1272954+zswanson@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/templates/argocd-repo-server/hpa.yaml | 4 ++++ charts/argo-cd/templates/argocd-server/hpa.yaml | 4 ++++ charts/argo-cd/values.yaml | 6 ++++++ 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b87afdd3a..3736bba15 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.39.1 +version: 5.40.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Ensure `app.kubernetes.io/version` label is valid + - kind: changed + description: Allow configurable metrics in server and repoServer HPAs diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index deaad2ba2..863ae8bbe 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -576,6 +576,7 @@ NAME: my-release | repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | +| repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | @@ -673,6 +674,7 @@ NAME: my-release | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | +| server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index 2cba83248..ef3d5e80b 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -14,6 +14,9 @@ spec: minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: + {{- if .Values.repoServer.autoscaling.metrics }} + {{- toYaml .Values.repoServer.autoscaling.metrics | nindent 4 }} + {{- else }} {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: @@ -38,6 +41,7 @@ spec: type: Utilization {{- end }} {{- end }} + {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index cbc17c319..c19b89433 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -14,6 +14,9 @@ spec: minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: + {{- if .Values.server.autoscaling.metrics }} + {{ toYaml .Values.server.autoscaling.metrics | nindent 4 }} + {{- else }} {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: @@ -38,6 +41,7 @@ spec: type: Utilization {{- end }} {{- end }} + {{- end}} {{- with .Values.server.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 83ecff3eb..38f9b2d7f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1476,6 +1476,9 @@ server: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Argo CD server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -2043,6 +2046,9 @@ repoServer: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD repo server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Repo server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From c2f813ec6241b016a6907238c87eadf8a9feb505 Mon Sep 17 00:00:00 2001 From: Alex Souslik Date: Tue, 18 Jul 2023 09:51:14 +0300 Subject: [PATCH 257/356] feat(argo-cd): make ServiceMonitor deployment conditional on CRD existence (#2154) * made ServiceMonitor deployment conditional on CRD existence Signed-off-by: alex-souslik-hs * remove non ArgoCD changes Signed-off-by: alex-souslik-hs * add newline Signed-off-by: Alex Souslik * Change chage description Signed-off-by: Alex Souslik * Update charts/argo-cd/Chart.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Alex Souslik --------- Signed-off-by: alex-souslik-hs Signed-off-by: Alex Souslik Co-authored-by: Marco Kilchhofer --- charts/argo-cd/Chart.yaml | 4 ++-- .../argocd-application-controller/servicemonitor.yaml | 2 +- .../templates/argocd-applicationset/servicemonitor.yaml | 2 +- .../templates/argocd-notifications/servicemonitor.yaml | 2 +- .../argo-cd/templates/argocd-repo-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 2 +- charts/argo-cd/templates/dex/servicemonitor.yaml | 2 +- charts/argo-cd/templates/redis/servicemonitor.yaml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 3736bba15..1b8a0ae18 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.7 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.40.0 +version: 5.41.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Allow configurable metrics in server and repoServer HPAs + description: Make ServiceMonitor deployment conditional on CRD existence diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 10ba77678..3ce0c10da 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index bb814a254..b3554675a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.enabled }} -{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index de3cc5a35..18849886b 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index aec96461c..c41520b72 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 65d102e3b..f876a1a18 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 21d12be25..00f2a238d 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 46a7e32ca..6f036a804 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- $redisHa := (index .Values "redis-ha") -}} -{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: From 5f46ee820fd19e0b24c50f71aa9169be59192eac Mon Sep 17 00:00:00 2001 From: smcavallo Date: Wed, 19 Jul 2023 18:26:08 -0400 Subject: [PATCH 258/356] feat(argo-cd): Upgrade argocd to v2.7.8 (#2173) Signed-off-by: smcavallo --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1b8a0ae18..72c178b1b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.7 +appVersion: v2.7.8 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.0 +version: 5.41.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Make ServiceMonitor deployment conditional on CRD existence + description: Update to app version 2.7.8 From 000d8c71285f60c7fccc8e40bfab805da7dddebb Mon Sep 17 00:00:00 2001 From: Takuma Kume Date: Fri, 21 Jul 2023 02:26:23 +0900 Subject: [PATCH 259/356] feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.1 (#2174) --- charts/argo-rollouts/Chart.yaml | 8 ++++---- charts/argo-rollouts/templates/crds/rollout-crd.yaml | 3 --- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 671754697..62ab9f05c 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.0 +appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.0 +version: 2.31.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support Traffic Router Plugins + - kind: changed + description: Update to app version 1.5.1 diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 0fafbab35..45f59ee0c 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3328,7 +3328,6 @@ spec: type: string required: - arn - - fullName - name type: object loadBalancer: @@ -3341,7 +3340,6 @@ spec: type: string required: - arn - - fullName - name type: object stableTargetGroup: @@ -3354,7 +3352,6 @@ spec: type: string required: - arn - - fullName - name type: object type: object From 137bb9e177f85f63a8c1214c17ec82830f069760 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Thu, 20 Jul 2023 18:19:59 -0500 Subject: [PATCH 260/356] chore(argo-workflows): Upgrade to 3.4.9 (#2175) chore(argo-workflow): Upgrade to 3.4.9 - [ ] update CRD changes Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ade0d8b5d..96912cf20 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.8 +appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.31.0 +version: 0.32.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for artifactRepositoryRef + - kind: changed + description: Upgrade to Argo Workflows v3.4.9 From 83e5d83492f18c301fe62eebb56e6db98757cabb Mon Sep 17 00:00:00 2001 From: Mathieu Parent Date: Sat, 22 Jul 2023 15:46:38 +0200 Subject: [PATCH 261/356] feat(argocd-apps): syncOptions for applications (#2176) Signed-off-by: Mathieu Parent Co-authored-by: Aikawa --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/templates/applications.yaml | 4 ++++ charts/argocd-apps/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index 8eeb0888c..cc690f7f2 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.3.0 +version: 1.4.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -18,4 +18,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: add permitOnlyProjectScopedClusters flag to Projects defaulting to false + description: syncOptions for applications diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index df0ea5eb8..0cf3420bd 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,6 +37,10 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} + {{- with .syncOptions }} + syncOptions: + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 0c329dfe3..9311a44c6 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps From 0453552b320712d20be65d9ba3f56644842dd84c Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 23 Jul 2023 13:25:51 +0900 Subject: [PATCH 262/356] fix(argocd-apps): fix indent of syncOptions (#2181) --- charts/argocd-apps/Chart.yaml | 4 ++-- charts/argocd-apps/ci/applications-values.yaml | 2 ++ charts/argocd-apps/templates/applications.yaml | 4 ---- charts/argocd-apps/values.yaml | 4 ++-- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index cc690f7f2..5494db993 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.4.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added + - kind: fixed description: syncOptions for applications diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 9d8b21bfb..28a627ff0 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,8 @@ applications: automated: prune: false selfHeal: false + syncOptions: + - ApplyOutOfSyncOnly=true revisionHistoryLimit: null ignoreDifferences: - group: apps diff --git a/charts/argocd-apps/templates/applications.yaml b/charts/argocd-apps/templates/applications.yaml index 0cf3420bd..df0ea5eb8 100644 --- a/charts/argocd-apps/templates/applications.yaml +++ b/charts/argocd-apps/templates/applications.yaml @@ -37,10 +37,6 @@ spec: syncPolicy: {{- toYaml . | nindent 4 }} {{- end }} - {{- with .syncOptions }} - syncOptions: - {{- toYaml . | nindent 4 }} - {{- end }} {{- with .revisionHistoryLimit }} revisionHistoryLimit: {{ . }} {{- end }} diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 9311a44c6..a79963692 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,8 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false -# syncOptions: -# - CreateNamespace=true +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps From f2da20bb753a7d9f28157f0ba39d6db62922431e Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sun, 23 Jul 2023 19:48:47 -0400 Subject: [PATCH 263/356] chore(github): use table for Emeritus (#2182) - to matches how `argoproj` lists Alumni (https://github.com/argoproj/argoproj/blob/6011d3e17300d4b642a1ab5bdb3551c5f6da9021/MAINTAINERS.md?plain=1#L11) - though it has more details including role and affiliation. could do that here too, but I don't know what all those are, so left those columns out - fortunately everyone's name was listed on their profile, so just copy+paste those! - confirmed that all links work Signed-off-by: Anton Gilgur --- EMERITUS.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/EMERITUS.md b/EMERITUS.md index 2c2996902..c0ff96740 100644 --- a/EMERITUS.md +++ b/EMERITUS.md @@ -4,9 +4,11 @@ These are the people who have been approvers in the past, and have since retired We thank them for their service to the project. -* @oliverbaehler -* @stefansedich -* @paguos -* @yann-soubeyrand -* @davidkarlsen -* @jbehling +| Emeritus | GitHub ID | +| -------- | --------- | +| Oliver Bähler | [oliverbaehler](https://github.com/oliverbaehler) | +| Stefan Sedich | [stefansedich](https://github.com/stefansedich) | +| Pablo Osinaga | [paguos](https://github.com/paguos) | +| Yann Soubeyrand | [yann-soubeyrand](https://github.com/yann-soubeyrand) | +| David J. M. Karlsen | [davidkarlsen](https://github.com/davidkarlsen) | +| John Behling | [jbehling](https://github.com/jbehling) | From 5f1d08de0b0f10a650d09609abf17b22816430d5 Mon Sep 17 00:00:00 2001 From: Artur Date: Tue, 25 Jul 2023 03:22:46 +0300 Subject: [PATCH 264/356] fix(argo-rollouts): Use annotation cont metrics (#2184) * fix(argo-rollouts): Use annotation cont metrics Signed-off-by: Artur Mudrykh * fix(argo-rollouts): add changes and bump version Signed-off-by: Artur Mudrykh * fix chart.yaml Signed-off-by: Artur Mudrykh --------- Signed-off-by: Artur Mudrykh Co-authored-by: Artur Mudrykh --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/README.md | 1 + .../argo-rollouts/templates/controller/metrics-service.yaml | 5 ++++- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 62ab9f05c..c073adcb6 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.1 +version: 2.31.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update to app version 1.5.1 + - kind: fixed + description: Fix use prometheus metrics service diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 5add40c3e..4e0287795 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -91,6 +91,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.annotations | object | `{}` | Service annotations | | controller.metrics.service.port | int | `8090` | Metrics service port | | controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index e04d326a8..671a08374 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -7,8 +7,11 @@ metadata: labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} - {{- with .Values.serviceAnnotations }} annotations: + {{- with .Values.serviceAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.metrics.service.annotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b81ee53a9..f9d8e1cfe 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -127,6 +127,8 @@ controller: portName: metrics # -- Metrics service port port: 8090 + # -- Service annotations + annotations: {} serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false From 278a32671bebe8ea503b7d73619b3cdf389105a2 Mon Sep 17 00:00:00 2001 From: Venkata Mutyala Date: Mon, 24 Jul 2023 19:09:41 -0700 Subject: [PATCH 265/356] chore(argo-cd): Upgrade Argo CD to v2.7.9 (#2186) feat(argo-cd): Upgrade argocd to v2.7.9 Signed-off-by: Venkata Mutyala --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 72c178b1b..79b9fb030 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.8 +appVersion: v2.7.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.1 +version: 5.41.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update to app version 2.7.8 + description: Update to app version v2.7.9 From 98da71eb87def0ea9cb57dfe86e17c6256407cd0 Mon Sep 17 00:00:00 2001 From: Andy Cobaugh Date: Thu, 27 Jul 2023 09:57:46 -0400 Subject: [PATCH 266/356] feat(argo-workflows): allow setting executor args (#2177) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + .../controller/workflow-controller-config-map.yaml | 5 ++++- charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 96912cf20..681b73b9f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.0 +version: 0.32.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.9 + - kind: added + description: Add support for executor args diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b445df25a..eb57fe448 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -230,6 +230,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| executor.args | list | `[]` | Passes arguments to the executor processes | | executor.env | list | `[]` | Adds environment variables for the executor. | | executor.image.pullPolicy | string | `""` | Image PullPolicy to use for the Workflow Executors. Defaults to `.Values.images.pullPolicy`. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 680b436fc..d4728a30f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -42,12 +42,15 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.args .Values.executor.securityContext}} executor: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.executor.image.pullPolicy }} {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.args }} + args: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cd992c100..bfc3ce3f5 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -382,6 +382,8 @@ executor: pullPolicy: "" # -- Resource limits and requests for the Workflow Executors resources: {} + # -- Passes arguments to the executor processes + args: [] # -- Adds environment variables for the executor. env: [] # -- sets security context for the executor container From c358b5e71f8a9259d937c9bb1a6a34c9f1f478d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?carlos=20gonz=C3=A1lez?= Date: Thu, 27 Jul 2023 23:44:15 +0200 Subject: [PATCH 267/356] feat(argo-cd): add labels to notifications secret (#2191) (#2192) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: carlos gonzález --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 + .../argocd-configs/argocd-notifications-secret.yaml | 3 +++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 79b9fb030..bb9181780 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.9 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.41.2 +version: 5.42.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update to app version v2.7.9 + - kind: added + description: Extra secret labels with .Values.notifications.secret.labels diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 863ae8bbe..79d134b66 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1195,6 +1195,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index cde4d555b..75027ed5a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -6,6 +6,9 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.notifications.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 38f9b2d7f..aa0716441 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2795,6 +2795,9 @@ notifications: # -- key:value pairs of annotations to be added to the secret annotations: {} + # -- key:value pairs of labels to be added to the secret + labels: {} + # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ From 4ebeac0d8c89582f81cd9ab2daee1b158ad01cbf Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 1 Aug 2023 14:57:18 +0900 Subject: [PATCH 268/356] chore(argo-cd): Upgrade Argo CD to v2.7.10 (#2197) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index bb9181780..a78601a5e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.9 +appVersion: v2.7.10 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.0 +version: 5.42.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Extra secret labels with .Values.notifications.secret.labels + - kind: changed + description: Upgrade Argo CD to v2.7.10 From 962342fe2acef6022ac5c1a3eb352b336308b3eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9gory=20SANCHEZ?= Date: Tue, 1 Aug 2023 11:07:17 +0200 Subject: [PATCH 269/356] fix(argo-rollouts): fix helm lint error when extraObjects is defined (#2196) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix(extra-manifests): fix helm lint error when extraObjecrts is defined Signed-off-by: Grégory SANCHEZ Co-authored-by: Jason Meridth --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/extra-manifests.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index c073adcb6..1846575db 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.2 +version: 2.31.3 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix use prometheus metrics service + description: Fix helm lint error when `extraObjects` is defined diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index f17b1a93b..fc9a76b88 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} From f0ac0b7cf400f9f00005e9436de41881a584547d Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sat, 5 Aug 2023 12:16:40 +0200 Subject: [PATCH 270/356] fix(argo-cd): Template configuration keys as a string instead of map (#2205) --- charts/argo-cd/Chart.yaml | 6 ++--- charts/argo-cd/templates/_helpers.tpl | 37 +++++++++++++++------------ 2 files changed, 23 insertions(+), 20 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a78601a5e..8a4769acc 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.7.10 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.1 +version: 5.42.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.7.10 + - kind: fixed + description: Templates for global presets properly renders keys as a string instead of map diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2786d6ede..c4c814daf 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -162,9 +162,11 @@ Create the name of the notifications service account to use Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.cm.presets" -}} +{{- $presets := dict -}} {{- if .Values.configs.styles -}} -ui.cssurl: "./custom/custom.styles.css" +{{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* @@ -183,24 +185,25 @@ Merge Argo Configuration with Preset Configuration {{/* Argo Params Default Configuration Presets +NOTE: Configuration keys must be stored as dict because YAML treats dot as separator */}} {{- define "argo-cd.config.params.presets" -}} -repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}" -server.repo.server.strict.tls: {{ .Values.repoServer.certificateSecret.enabled | toString }} -{{- with include "argo-cd.redis.server" . }} -redis.server: {{ . | quote }} -{{- end }} -{{- if .Values.dex.enabled }} -server.dex.server: {{ include "argo-cd.dex.server" . | quote }} -server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} -{{- end }} -{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} -{{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} -{{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} -{{- end }} -{{- if .Values.applicationSet.enabled }} -applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} -{{- end }} +{{- $presets := dict -}} +{{- $_ := set $presets "repo.server" (printf "%s:%s" (include "argo-cd.repoServer.fullname" .) (.Values.repoServer.service.port | toString)) -}} +{{- $_ := set $presets "server.repo.server.strict.tls" (.Values.repoServer.certificateSecret.enabled | toString ) -}} +{{- $_ := set $presets "redis.server" (include "argo-cd.redis.server" .) -}} +{{- if .Values.dex.enabled -}} +{{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}} +{{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}} +{{- end -}} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- end -}} +{{- if .Values.applicationSet.enabled -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} +{{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* From eae0bdd87117c2eb5e4f666196b6886f13b3f999 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 5 Aug 2023 19:26:24 +0900 Subject: [PATCH 271/356] fix(argo-rollouts): Add required ingress permission (#2207) --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/templates/controller/clusterrole.yaml | 1 + charts/argo-rollouts/templates/controller/role.yaml | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1846575db..8cc669fb6 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.3 +version: 2.31.4 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Fix helm lint error when `extraObjects` is defined + description: Add required ingress permission diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 964daed3d..ab0f7ee15 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -135,6 +135,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index e3b80672b..eb69db628 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -136,6 +136,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: From ebd1ad5103d3f352a4317fab935b305c91a1b9f3 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 8 Aug 2023 15:11:34 +0900 Subject: [PATCH 272/356] chore(argo-cd): Upgrade Argo CD to v2.7.11 (#2210) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8a4769acc..1e77b9dbd 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.10 +appVersion: v2.7.11 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.2 +version: 5.42.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Templates for global presets properly renders keys as a string instead of map + - kind: changed + description: Upgrade Argo CD to v2.7.11 From 4eae23b5806a97a5e081b0f3f877b9e3b5bf9cf1 Mon Sep 17 00:00:00 2001 From: Engin Diri Date: Tue, 8 Aug 2023 16:08:58 +0200 Subject: [PATCH 273/356] feat(github): add Helm OCI support (#2209) Signed-off-by: Engin Diri --- .github/workflows/publish.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c1d940259..c2d1dc24e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,6 +4,8 @@ on: push: branches: - main + paths: + - "charts/**" permissions: contents: read @@ -12,6 +14,7 @@ jobs: publish: permissions: contents: write # for helm/chart-releaser-action to push chart release and create a release + packages: write # to push OCI chart package to GitHub Registry runs-on: ubuntu-latest steps: - name: Checkout @@ -60,3 +63,20 @@ jobs: config: "./.github/configs/cr.yaml" env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + + - name: Login to GHCR + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push chart to GHCR + run: | + shopt -s nullglob + for pkg in .cr-release-packages/*.tgz; do + if [ -z "${pkg:-}" ]; then + break + fi + helm push "${pkg}" oci://ghcr.io/${{ github.repository }} + done From 3e35b0c7f7d758d553b17f369cc5940484ef5d89 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Tue, 8 Aug 2023 16:35:41 +0200 Subject: [PATCH 274/356] feat(argo-cd): Upgrade Argo CD to 2.8.0 (#2170) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +- charts/argo-cd/README.md | 2 +- .../statefulset.yaml | 12 + .../argocd-applicationset/deployment.yaml | 73 +- .../argocd-repo-server/deployment.yaml | 12 + .../templates/argocd-server/deployment.yaml | 12 + .../templates/crds/crd-application.yaml | 168 +- .../templates/crds/crd-applicationset.yaml | 5794 +++++++++++------ charts/argo-cd/values.yaml | 2 +- 9 files changed, 4160 insertions(+), 1921 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1e77b9dbd..f85b8bb3b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.11 +appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.42.3 +version: 5.43.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.7.11 + description: Upgrade Argo CD to 2.8.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 79d134b66..305f09232 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -461,7 +461,7 @@ NAME: my-release | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | -| configs.params."server.enable.gzip" | bool | `false` | Enable GZIP compression | +| configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression | | configs.params."server.insecure" | bool | `false` | Run server without TLS | | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index b671e245a..8faac38da 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -236,6 +236,18 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 0e00e28d4..4da1597c2 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -93,12 +93,6 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespace - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: @@ -111,6 +105,12 @@ spec: key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG valueFrom: configMapKeyRef: @@ -147,6 +147,54 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} @@ -199,6 +247,8 @@ spec: name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} @@ -248,6 +298,17 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt {{- with .Values.applicationSet.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f438c8b57..b9959018e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -108,6 +108,18 @@ spec: name: argocd-cmd-params-cm key: reposerver.parallelism.limit optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.metrics.listen.address + optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cc9289812..e3f322cb2 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -263,6 +263,18 @@ spec: name: argocd-cmd-params-cm key: server.http.cookie.maxnumber optional: true + - name: ARGOCD_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.listen.address + optional: true + - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.metrics.listen.address + optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index cbb480e65..b4d13a15e 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -297,8 +297,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -586,8 +593,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -992,8 +1006,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1272,8 +1293,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1438,7 +1466,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether to revert resources + description: 'SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1502,7 +1530,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usally an error or warning + condition, which is usually an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1521,6 +1549,10 @@ spec: - type type: object type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string health: description: Health contains information about the application's current health status @@ -1700,8 +1732,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1993,8 +2032,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2431,8 +2478,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over + Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2740,8 +2794,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block + as a block. ValuesObject takes precedence + over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2951,6 +3012,19 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3153,8 +3227,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3457,8 +3539,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3728,6 +3817,42 @@ spec: and must be set to the Kubernetes control plane API type: string type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted + managers. Fields mutated by those managers will take + precedence over the desired state defined in the SCM + and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array source: description: Source is a reference to the application's source used for comparison @@ -3866,8 +3991,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4170,8 +4303,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index ad35b0628..fa0d926a7 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -40,6 +40,8 @@ spec: type: object spec: properties: + applyNestedSelectors: + type: boolean generators: items: properties: @@ -235,6 +237,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -412,6 +417,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -748,6 +756,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -925,6 +936,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1265,6 +1279,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1442,6 +1459,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1586,6 +1606,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -1758,6 +1782,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1935,6 +1962,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2279,6 +2309,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2456,6 +2489,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2792,6 +2828,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2969,6 +3008,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3309,6 +3351,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3486,6 +3531,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3630,6 +3678,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -3802,6 +3854,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3979,6 +4034,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4130,123 +4188,21 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - pullRequest: + plugin: properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: + configMapRef: properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + name: type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object required: - - owner - - repo + - name type: object - gitlab: + input: properties: - api: - type: string - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true type: object - required: - - project type: object requeueAfterSeconds: format: int64 @@ -4411,6 +4367,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4588,6 +4547,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4732,12 +4694,30 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef type: object - scmProvider: + pullRequest: properties: - azureDevOps: + azuredevops: properties: - accessTokenRef: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: properties: key: type: string @@ -4747,46 +4727,58 @@ spec: - key - secretName type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string required: - - accessTokenRef - organization - - teamProject + - project + - repo type: object bitbucket: properties: - allBranches: - type: boolean - appPasswordRef: + api: + type: string + basicAuth: properties: - key: - type: string - secretName: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: type: string required: - - key - - secretName + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef type: object owner: type: string - user: + repo: type: string required: - - appPasswordRef - owner - - user + - repo type: object bitbucketServer: properties: - allBranches: - type: boolean api: type: string basicAuth: @@ -4809,41 +4801,32 @@ spec: type: object project: type: string + repo: + type: string required: - api - project + - repo type: object - cloneProtocol: - type: string filters: items: properties: branchMatch: type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: + targetBranchMatch: type: string type: object type: array gitea: properties: - allBranches: - type: boolean api: type: string insecure: type: boolean owner: type: string + repo: + type: string tokenRef: properties: key: @@ -4857,16 +4840,21 @@ spec: required: - api - owner + - repo type: object github: properties: - allBranches: - type: boolean api: type: string appSecretName: type: string - organization: + labels: + items: + type: string + type: array + owner: + type: string + repo: type: string tokenRef: properties: @@ -4879,18 +4867,23 @@ spec: - secretName type: object required: - - organization + - owner + - repo type: object gitlab: properties: - allBranches: - type: boolean api: type: string - group: - type: string - includeSubgroups: + insecure: type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string tokenRef: properties: key: @@ -4902,7 +4895,7 @@ spec: - secretName type: object required: - - group + - project type: object requeueAfterSeconds: format: int64 @@ -5067,6 +5060,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5244,6 +5240,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5389,562 +5388,212 @@ spec: - spec type: object type: object - selector: + scmProvider: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + awsCodeCommit: properties: - group: + allBranches: + type: boolean + region: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + role: type: string - managedFieldsManagers: + tagFilters: items: - type: string + properties: + key: + type: string + value: + type: string + required: + - key + type: object type: array - name: + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: type: string - namespace: + organization: + type: string + teamProject: type: string required: - - kind + - accessTokenRef + - organization + - teamProject type: object - type: array - info: - items: + bitbucket: properties: - name: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: type: string - value: + user: type: string required: - - name - - value + - appPasswordRef + - owner + - user type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: properties: - name: + key: type: string - path: + secretName: type: string + required: + - key + - secretName type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string type: array - ignoreMissingValueFiles: - type: boolean - parameters: + pathsExist: items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object + type: string type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: + repositoryMatch: type: string type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: + secretName: type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: properties: - chart: + allBranches: + type: boolean + api: type: string - directory: + appSecretName: + type: string + organization: + type: string + tokenRef: properties: - exclude: + key: type: string - include: + secretName: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean + required: + - key + - secretName type: object - helm: + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: + key: type: string - version: + secretName: type: string + required: + - key + - secretName type: object - kustomize: + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: properties: - commonAnnotations: + annotations: additionalProperties: type: string type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: + finalizers: + items: type: string type: array labels: @@ -6095,6 +5744,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6272,6 +5924,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6420,560 +6075,568 @@ spec: additionalProperties: type: string type: object - required: - - configMapRef type: object - clusters: + selector: properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + matchExpressions: + items: + properties: + key: type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: + operator: + type: string + values: + items: type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: + code: type: boolean - valueFiles: - items: - type: string - type: array - values: + name: type: string - version: + value: type: string + required: + - name + - value type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: + name: type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string path: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - repoURL: + value: type: string - targetRevision: + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object - sources: - items: - properties: - chart: + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - directory: + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: properties: - exclude: + code: + type: boolean + name: type: string - include: + value: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean + required: + - name + - value type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string - type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object - path: + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + path: type: string - repoURL: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - targetRevision: + value: type: string - required: - - repoURL type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: type: object - required: - - destination - - project + x-kubernetes-preserve-unknown-fields: true + version: + type: string type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: + kustomize: properties: - annotations: + commonAnnotations: additionalProperties: type: string type: object - finalizers: + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: items: type: string type: array @@ -7125,6 +6788,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7302,6 +6968,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7446,18 +7115,38 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - - repoURL - - revision + - configMapRef type: object - list: + clusters: properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object template: properties: metadata: @@ -7618,6 +7307,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7795,6 +7487,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7939,134 +7634,42 @@ spec: - metadata - spec type: object - required: - - elements + values: + additionalProperties: + type: string + type: object type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - pullRequest: + git: properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: + directories: items: properties: - branchMatch: + exclude: + type: boolean + path: type: string + required: + - path type: object type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - labels: - items: + files: + items: + properties: + path: type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string requeueAfterSeconds: format: int64 type: integer + revision: + type: string template: properties: metadata: @@ -8227,6 +7830,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8404,6 +8010,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8548,253 +8157,94 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object + required: + - repoURL + - revision type: object - scmProvider: + list: properties: - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: + elements: + items: + x-kubernetes-preserve-unknown-fields: true + type: array + elementsYaml: + type: string + template: properties: - allBranches: - type: boolean - appPasswordRef: + metadata: properties: - key: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: type: string - secretName: + namespace: type: string - required: - - key - - secretName type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: + spec: properties: - passwordRef: + destination: properties: - key: + name: type: string - secretName: + namespace: + type: string + server: type: string - required: - - key - - secretName type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSubgroups: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: type: string revisionHistoryLimit: format: int64 @@ -8836,404 +8286,2814 @@ spec: type: boolean name: type: string - value: + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - elements + type: object + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object + bitbucketServer: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + repo: + type: string + required: + - api + - project + - repo + type: object + filters: + items: + properties: + branchMatch: + type: string + targetBranchMatch: + type: string + type: object + type: array + gitea: + properties: + api: + type: string + insecure: + type: boolean + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + - repo + type: object + github: + properties: + api: + type: string + appSecretName: + type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - owner + - repo + type: object + gitlab: + properties: + api: + type: string + insecure: + type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - project + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + type: object + scmProvider: + properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: + type: string + organization: + type: string + teamProject: + type: string + required: + - accessTokenRef + - organization + - teamProject + type: object + bitbucket: + properties: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: + type: string + user: + type: string + required: + - appPasswordRef + - owner + - user + type: object + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: + type: string + labelMatch: + type: string + pathsDoNotExist: + items: + type: string + type: array + pathsExist: + items: + type: string + type: array + repositoryMatch: + type: string + type: object + type: array + gitea: + properties: + allBranches: + type: boolean + api: + type: string + insecure: + type: boolean + owner: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - group + type: object + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: + allowEmpty: type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: + prune: type: boolean - releaseName: - type: string - skipCrds: + selfHeal: type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string type: object - kustomize: + managedNamespaceMetadata: properties: - commonAnnotations: + annotations: additionalProperties: type: string type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: + labels: additionalProperties: type: string type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object - path: + type: array + libs: + items: type: string - plugin: + type: array + tlas: + items: properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array + code: + type: boolean name: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array + value: + type: string + required: + - name + - value type: object - ref: + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: type: string - repoURL: + path: type: string - targetRevision: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object - sources: - items: - properties: - chart: + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: + code: type: boolean - valueFiles: - items: - type: string - type: array - values: + name: type: string - version: + value: type: string + required: + - name + - value type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - forceCommonAnnotations: - type: boolean - forceCommonLabels: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string path: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - repoURL: + value: type: string - targetRevision: + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - type: array - type: object - required: - - destination - - project + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string required: - - metadata - - spec + - repoURL type: object - type: object - selector: - properties: - matchExpressions: - items: + type: array + syncPolicy: + properties: + automated: properties: - key: - type: string - operator: - type: string - values: - items: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: type: string - type: array - required: - - key - - operator + type: object + labels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer template: properties: metadata: @@ -9394,6 +11254,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9571,6 +11434,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9715,12 +11581,89 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - - generators - - mergeKeys + - configMapRef type: object pullRequest: properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object bitbucketServer: properties: api: @@ -9757,6 +11700,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -9816,6 +11761,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -10000,6 +11947,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10177,6 +12127,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10324,6 +12277,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -10480,6 +12453,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -10656,6 +12631,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10833,6 +12811,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10977,6 +12958,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object type: object selector: properties: @@ -11005,6 +12990,10 @@ spec: type: array goTemplate: type: boolean + goTemplateOptions: + items: + type: string + type: array preservedFields: properties: annotations: @@ -11045,6 +13034,13 @@ spec: type: object syncPolicy: properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string preserveResourcesOnDeletion: type: boolean type: object @@ -11208,6 +13204,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11385,6 +13384,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index aa0716441..fb1db35cd 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -253,7 +253,7 @@ configs: # -- Disable Argo CD RBAC for user authentication server.disable.auth: false # -- Enable GZIP compression - server.enable.gzip: false + server.enable.gzip: true # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". server.x.frame.options: sameorigin From b9c7b3104a8957a221362dab7e3d4daab989a9dd Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 8 Aug 2023 19:03:57 -0500 Subject: [PATCH 275/356] fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts (#2198) * fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts Add CI for extra objects Signed-off-by: jmeridth * fix: rename extra objects ci file to have -values suffix Signed-off-by: jmeridth --------- Signed-off-by: jmeridth Co-authored-by: Aikawa --- charts/argo-rollouts/Chart.yaml | 6 +++--- .../ci/enable-extra-objects-values.yaml | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 charts/argo-rollouts/ci/enable-extra-objects-values.yaml diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 8cc669fb6..0bf8dfcb8 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.4 +version: 2.31.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add required ingress permission + - kind: added + description: Add CI example for extra objects diff --git a/charts/argo-rollouts/ci/enable-extra-objects-values.yaml b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml new file mode 100644 index 000000000..8d18ecd30 --- /dev/null +++ b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml @@ -0,0 +1,14 @@ +# Test with extraObjects enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: datadog + type: Opaque + data: + address: aHR0cHM6Ly9hcGkuZGF0YWRvZ2hxLmNvbQo= # https://api.datadoghq.com + api-key: dGVzdC1hcGkta2V5Cg== # test-api-key + app-key: dGVzdC1hcHAta2V5Cg== # test-app-key From 51e22106314012c2b4e620ad90b59340b5afb39e Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 9 Aug 2023 10:19:54 +0200 Subject: [PATCH 276/356] fix(argo-cd): Fix global log level configuration (#2213) fix(argo-cd) - Fix global log level configuration Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f85b8bb3b..6140b2cb9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.0 +version: 5.43.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to 2.8.0 + - kind: fixed + description: Fixed global log level configuration diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index c4c814daf..058526862 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -198,7 +198,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- end -}} {{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} {{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} -{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} {{- if .Values.applicationSet.enabled -}} {{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} From 4b7dcd0d31531f44a275729e86880d52c75323ed Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Wed, 9 Aug 2023 10:35:48 +0200 Subject: [PATCH 277/356] chore(argo-cd): Change applicationSet replicaCount to replicas (#2214) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 8 +++++--- charts/argo-cd/README.md | 2 +- charts/argo-cd/templates/NOTES.txt | 3 +++ .../templates/argocd-applicationset/deployment.yaml | 2 +- charts/argo-cd/values.yaml | 2 +- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6140b2cb9..821de8504 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.1 +version: 5.43.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,7 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fixed global log level configuration + - kind: changed + description: Renamed applicationSet.replicaCount to replicas + - kind: deprecated + description: Option applicationSet.replicaCount diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 305f09232..45a97eb52 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1113,7 +1113,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | +| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | | applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index d79d95f0c..afd18a1b2 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -73,6 +73,9 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.replicaCount }} +DEPRECATED option applicationSet.replicaCount - Use applicationSet.replicas +{{- end }} {{- if .Values.applicationSet.logFormat }} DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format {{- end }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 4da1597c2..d8fb8cbc4 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -17,7 +17,7 @@ spec: strategy: {{- trim . | nindent 4 }} {{- end }} - replicas: {{ .Values.applicationSet.replicaCount }} + replicas: {{ .Values.applicationSet.replicas | default .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb1db35cd..341cf8da2 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2373,7 +2373,7 @@ applicationSet: name: applicationset-controller # -- The number of ApplicationSet controller pods to run - replicaCount: 1 + replicas: 1 ## ApplicationSet controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ From 23708c6a30e059aa2896dbedc4a4ec52d7674ff7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Can=C3=A9vet?= Date: Thu, 10 Aug 2023 00:18:37 +0200 Subject: [PATCH 278/356] fix(argo-cd): add missing permissions to run actions (#2212) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mickaël Canévet --- charts/argo-cd/Chart.yaml | 8 +++----- .../argo-cd/templates/argocd-server/clusterrole.yaml | 12 ++++++++++++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 821de8504..fc7614e1a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.2 +version: 5.43.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Renamed applicationSet.replicaCount to replicas - - kind: deprecated - description: Option applicationSet.replicaCount + - kind: fixed + description: add missing permissions to run actions diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 0f26d4707..3d2c44b55 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -45,4 +45,16 @@ rules: - list - update - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + - create {{- end }} From a64615414d61500835a3de0723a8a9e099540ade Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Thu, 10 Aug 2023 21:14:54 -0400 Subject: [PATCH 279/356] fix(argo-workflows): Server only needs `get` Secrets (#2211) - as of https://github.com/argoproj/argo-workflows/commit/aa366db345d794f0d330336d51eb2a88f14ebbe6, the Server no longer needs `list` or `watch` and only uses `get` - this was released as part of [v3.4.0](https://github.com/argoproj/argo-workflows/blob/master/CHANGELOG.md#v340-rc1-2022-08-09), and the current version of the chart uses v3.4.9 (per `Chart.yaml#appVersion`) - `update` is not needed either for SSO secret - manifests RBAC: https://github.com/argoproj/argo-workflows/blob/a68ea0feabc87c09d5e13d12e6f0d1a61adc5b16/manifests/cluster-install/argo-server-rbac/argo-server-clusterole.yaml#L18 - SSO source code only uses [`create`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L140) and [`get`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L151) - (also some `get`s above that for [`clientID`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L127) and [`clientSecret`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L106) as well) Signed-off-by: Anton Gilgur Co-authored-by: Aikawa Co-authored-by: Jason Meridth --- charts/argo-workflows/Chart.yaml | 6 +++--- .../templates/server/server-cluster-roles.yaml | 3 --- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 681b73b9f..c9ae07a5a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.9 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.1 +version: 0.32.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for executor args + - kind: fixed + description: Removed Secrets list and watch from Server RBAC diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 2a52d9567..56d4dcaaa 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -47,7 +47,6 @@ rules: - sso verbs: - get - - update - apiGroups: - "" resources: @@ -71,8 +70,6 @@ rules: - secrets verbs: - get - - list - - watch {{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} From 4e0698ec43f63267e63d741f9bcb8c8489c53859 Mon Sep 17 00:00:00 2001 From: Ali Reza Date: Tue, 15 Aug 2023 10:57:28 +0200 Subject: [PATCH 280/356] docs(argo-cd): Rename comment of repositoryCredentials to credentialTemplates (#2219) Rename comment of repositoryCredentials to credentialTemplates Signed-off-by: Ali Reza --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fc7614e1a..6865acb08 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.0 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.3 +version: 5.43.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: add missing permissions to run actions + description: Rename comment of repositoryCredentials to credentialTemplates diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 341cf8da2..d748234eb 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -476,7 +476,7 @@ configs: # -- Repositories list to be used by applications ## Creates a secret for each key/value specified below to create repositories - ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + ## Note: the last example in the list would use a repository credential template, configured under "configs.credentialTemplates". repositories: {} # istio-helm-repo: # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts From 3737457b0fd8e3f05da8aec80da86911be24fcf6 Mon Sep 17 00:00:00 2001 From: Nick Kampe Date: Wed, 16 Aug 2023 02:01:43 -0500 Subject: [PATCH 281/356] feat(argo-rollouts): update servicemonitor.yaml to allow for namespace to be set (#2222) * Update servicemonitor.yaml to allow for namespace to be set Signed-off-by: Nick Kampe * Update README.md Signed-off-by: Nick Kampe * Update values.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Alphabetized namespace addition in README Signed-off-by: Nick Kampe --------- Signed-off-by: Nick Kampe --- charts/argo-rollouts/Chart.yaml | 4 ++-- charts/argo-rollouts/README.md | 1 + charts/argo-rollouts/templates/controller/servicemonitor.yaml | 2 +- charts/argo-rollouts/values.yaml | 2 ++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 0bf8dfcb8..2aba36f12 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.5.1 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.5 +version: 2.31.6 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add CI example for extra objects + description: Add ability to set namespace on ServiceMonitor resource diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 4e0287795..b91989988 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -98,6 +98,7 @@ For full list of changes please check ArtifactHub [changelog]. | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.namespace | string | `""` | Namespace to be used for the ServiceMonitor | | controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 62713764e..d7ab901e3 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index f9d8e1cfe..b711ee37d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -132,6 +132,8 @@ controller: serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false + # -- Namespace to be used for the ServiceMonitor + namespace: "" # -- Labels to be added to the ServiceMonitor additionalLabels: {} # -- Annotations to be added to the ServiceMonitor From 92b2724b0fa82186bb13c452947c216cc04bd5f0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Wed, 16 Aug 2023 06:00:35 -0500 Subject: [PATCH 282/356] chore(argo-workflows): Upgrade to Argo Workflows v3.4.10 (#2220) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c9ae07a5a..6413a6589 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.9 +appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.2 +version: 0.32.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Removed Secrets list and watch from Server RBAC + - kind: changed + description: Upgrade to Argo Workflows v3.4.10 From dc56fa63f3baceaf2684fe0874e6851d9f3451cb Mon Sep 17 00:00:00 2001 From: Fuochi Date: Thu, 17 Aug 2023 14:08:03 +0200 Subject: [PATCH 283/356] feat(argo-workflows): add imagePullSecret for workflow sa (#2226) Signed-off-by: Fuochi --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/controller/workflow-sa.yaml | 4 ++++ charts/argo-workflows/values.yaml | 2 ++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6413a6589..6741d7e0e 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.32.3 +version: 0.33.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.10 + - kind: added + description: add imagePullSecret for workflow sa diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index eb57fe448..ef78bc5ba 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -127,6 +127,7 @@ Fields to note: | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | | workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | | workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | +| workflow.serviceAccount.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` | ### Workflow Controller diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 8928b32e8..273487c48 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -17,5 +17,9 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} + {{- with $.Values.workflow.serviceAccount.pullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index bfc3ce3f5..a9c827e70 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -54,6 +54,8 @@ workflow: annotations: {} # -- Service account which is used to run workflows name: "argo-workflow" + # -- Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` + pullSecrets: [] rbac: # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) From a9acf935ab3abc442f41ccadd0a62e94ec1cd205 Mon Sep 17 00:00:00 2001 From: Jeongwon Song <46633758+jsong336@users.noreply.github.com> Date: Sat, 19 Aug 2023 01:59:46 -0400 Subject: [PATCH 284/356] chore(argo-workflows): update comment for azure artifact repository blobNameFormat (#2229) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 6741d7e0e..1c60fbb4f 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.10 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.0 +version: 0.33.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add imagePullSecret for workflow sa + - kind: fixed + description: fixed comment in values.yaml for blobNameFormat field diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index a9c827e70..d6d224646 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -752,7 +752,7 @@ artifactRepository: azure: {} # endpoint: https://mystorageaccountname.blob.core.windows.net # container: my-container-name - # blob: path/in/container + # blobNameFormat: path/in/container ## accountKeySecret is a secret selector. ## It references the k8s secret named 'my-azure-storage-credentials'. ## This secret is expected to have have the key 'account-access-key', From 7dcc174402d4a81dcdd6324bd7be095a3c52a921 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Wed, 23 Aug 2023 12:52:03 +0900 Subject: [PATCH 285/356] chore(argo-cd): Upgrade Argo CD to v2.8.1 (#2230) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 6865acb08..a9ecf5617 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.0 +appVersion: v2.8.1 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.4 +version: 5.43.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Rename comment of repositoryCredentials to credentialTemplates + - kind: changed + description: Upgrade Argo CD to v2.8.1 From 69064e2730c2e407d26d3bac91fa383f90f5b6a7 Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Thu, 24 Aug 2023 17:37:20 +0300 Subject: [PATCH 286/356] Argo cd update chart (#19) * bump argocd version * bump version --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1ef99b803..49ccc8d13 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.0-cap-CR-18361-custom-instance-label +appVersion: v2.7.0-cap-CR-19754-deletion-fix kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.1-1-cap-CR-18361 +version: 5.38.1-2-cap-CR-19754 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Adding the option to set `annotations` for `Certificate` resources + - kind: changed + description: Update ArgoCD version to v2.7.0-cap-CR-19754-deletion-fix From 58999c1aae652baeef4df169a5a758cabebdadf7 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 25 Aug 2023 17:45:53 +0900 Subject: [PATCH 287/356] chore(argo-cd): Upgrade Argo CD to v2.8.2 (#2231) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index a9ecf5617..01d4e8e18 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1 +appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.5 +version: 5.43.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.8.1 + description: Upgrade Argo CD to v2.8.2 From 86d92b95964e31c2f7ef071e6cd3dcc72be52f16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joonas=20Ven=C3=A4l=C3=A4inen?= <38143731+joonvena@users.noreply.github.com> Date: Fri, 25 Aug 2023 13:52:04 +0300 Subject: [PATCH 288/356] fix(argo-cd): Fix applicationSet HA examples in README.md (#2232) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Joonas Venäläinen --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 01d4e8e18..4fa32c98d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.6 +version: 5.43.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.2 + - kind: fixed + description: Fix applicationSet HA examples in README.md diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 45a97eb52..04a78ca41 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -42,7 +42,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -61,7 +61,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f1dea7f2d..dce6d9224 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -41,7 +41,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -60,7 +60,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository From 75221849eb5888768515c4ead5702bd4f683f118 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 26 Aug 2023 20:23:07 +0200 Subject: [PATCH 289/356] chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#2234) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd8d22554..a78bf610a 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c2d1dc24e..9ad42ed76 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 066d3c57e..3f00b6dd5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: persist-credentials: false From 2fc1fd04a01d98c6fb40b8fbad9fa01d1be2a477 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 27 Aug 2023 04:20:39 +0200 Subject: [PATCH 290/356] chore(argo-cd): Upgrade redis-exporter to 1.53.0 (#2236) Signed-off-by: Petr Drastil Co-authored-by: Aikawa --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4fa32c98d..dc245d83b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.7 +version: 5.43.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Fix applicationSet HA examples in README.md + - kind: changed + description: Upgrade redis-exporter to 1.53.0 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 04a78ca41..ee37a2b74 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -942,7 +942,7 @@ server: | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | @@ -1003,7 +1003,7 @@ The main options are listed here: | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index d748234eb..fb2ca38dc 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1182,7 +1182,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1388,7 +1388,7 @@ redis-ha: # -- Repository to use for the redis-exporter image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false From 6797f01c1b564132670cf687ba010c72d5800de0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Sun, 27 Aug 2023 21:07:17 +0200 Subject: [PATCH 291/356] chore(argo-cd): Remove support for legacy cert-manager APIs (#2238) * chore(argo-cd): Remove support for legacy cert-manager APIs Signed-off-by: Petr Drastil * Bump minor version Signed-off-by: Petr Drastil --------- Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 1 - charts/argo-cd/templates/NOTES.txt | 3 +++ charts/argo-cd/templates/_versions.tpl | 18 ------------------ .../argocd-applicationset/certificate.yaml | 2 +- .../templates/argocd-server/certificate.yaml | 2 +- charts/argo-cd/values.yaml | 2 -- 7 files changed, 8 insertions(+), 26 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index dc245d83b..37d6e1ae6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.43.8 +version: 5.44.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade redis-exporter to 1.53.0 + - kind: removed + description: Support for cert-manager APIs prior K8s 1.22 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index ee37a2b74..bf76f1d6a 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -384,7 +384,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | -| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index afd18a1b2..18b9a1a17 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -121,6 +121,9 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} +{{- if .Values.apiVersionOverrides.certmanager }} +REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 8240c4b09..b8fcc32ef 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -19,24 +19,6 @@ Return the appropriate apiVersion for autoscaling {{- end -}} {{- end -}} -{{/* -Return the appropriate apiVersion for cert-manager -*/}} -{{- define "argo-cd.apiVersion.cert-manager" -}} -{{- if .Values.apiVersionOverrides.certmanager -}} -{{- print .Values.apiVersionOverrides.certmanager -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} -{{- print "cert-manager.io/v1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}} -{{- print "cert-manager.io/v1beta1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} -{{- print "cert-manager.io/v1alpha3" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} -{{- print "cert-manager.io/v1alpha2" -}} -{{- else -}} -{{- print "certmanager.k8s.io/v1alpha1" -}} -{{- end -}} -{{- end -}} {{/* Return the appropriate apiVersion for GKE resources diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index f3b7d5d15..76e63eb31 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 716c38ea1..74066ef8f 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb2ca38dc..81b96ad8f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -12,8 +12,6 @@ kubeVersionOverride: "" # If you want to template helm charts but cannot access k8s API server # you can set api versions here apiVersionOverrides: - # -- String to override apiVersion of cert-manager resources rendered by this helm chart - certmanager: "" # cert-manager.io/v1 # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 # -- String to override apiVersion of autoscaling rendered by this helm chart From 224a227fa49b00fabfb535825c9bd5648f16a30a Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 28 Aug 2023 10:12:29 +0200 Subject: [PATCH 292/356] chore(argo-cd): Remove support for autoscaling/v1 (#2237) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 ++-- charts/argo-cd/README.md | 5 ++- charts/argo-cd/templates/NOTES.txt | 3 ++ charts/argo-cd/templates/_versions.tpl | 14 -------- .../templates/argocd-repo-server/hpa.yaml | 34 +++++++------------ .../argo-cd/templates/argocd-server/hpa.yaml | 34 +++++++------------ charts/argo-cd/values.yaml | 4 --- 7 files changed, 35 insertions(+), 65 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 37d6e1ae6..4c262f653 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.44.0 +version: 5.45.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: removed - description: Support for cert-manager APIs prior K8s 1.22 + description: Option apiVersionOverrides.autoscaling as v2 is now GA + - kind: removed + description: Codebase for autoscaling/v1 API diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bf76f1d6a..125fcf697 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -383,7 +383,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | @@ -572,7 +571,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | | repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | @@ -670,7 +669,7 @@ NAME: my-release | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | | server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 18b9a1a17..1b6267969 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -121,6 +121,9 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} +{{- if .Values.apiVersionOverrides.autoscaling }} +REMOVED option apiVersionOverrides.autoscaling - API autoscaling/v2 is GA from 1.23 +{{- end }} {{- if .Values.apiVersionOverrides.certmanager }} REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 {{- end }} diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index b8fcc32ef..5d65fcd6d 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -6,20 +6,6 @@ Return the target Kubernetes version {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end }} -{{/* -Return the appropriate apiVersion for autoscaling -*/}} -{{- define "argo-cd.apiVersion.autoscaling" -}} -{{- if .Values.apiVersionOverrides.autoscaling -}} -{{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "autoscaling/v2beta1" -}} -{{- else -}} -{{- print "autoscaling/v2" -}} -{{- end -}} -{{- end -}} - - {{/* Return the appropriate apiVersion for GKE resources */}} diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index ef3d5e80b..ce6ed371d 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -1,46 +1,38 @@ {{- if .Values.repoServer.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} - name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + name: {{ include "argo-cd.repoServer.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: - {{- if .Values.repoServer.autoscaling.metrics }} - {{- toYaml .Values.repoServer.autoscaling.metrics | nindent 4 }} + {{- with .Values.repoServer.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} {{- else }} - {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index c19b89433..a509e5694 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -1,47 +1,39 @@ {{- if .Values.server.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} - name: {{ template "argo-cd.server.fullname" . }}-hpa + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: - {{- if .Values.server.autoscaling.metrics }} - {{ toYaml .Values.server.autoscaling.metrics | nindent 4 }} + {{- with .Values.server.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} {{- else }} - {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} - {{- end}} {{- with .Values.server.autoscaling.behavior }} behavior: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 81b96ad8f..77501eb8a 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -14,8 +14,6 @@ kubeVersionOverride: "" apiVersionOverrides: # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 - # -- String to override apiVersion of autoscaling rendered by this helm chart - autoscaling: "" # autoscaling/v2 # -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -1460,7 +1458,6 @@ server: # -- Average memory utilization percentage for the Argo CD server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 @@ -2030,7 +2027,6 @@ repoServer: # -- Average memory utilization percentage for the repo server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 From 57da3549afc43c12d261768e69a6316db7b59e0d Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Sun, 3 Sep 2023 20:15:15 -0500 Subject: [PATCH 293/356] chore(argo-events): Upgrade argo-events to 1.8.1 (#2247) https://github.com/argoproj/argo-events/releases/tag/v1.8.1 Signed-off-by: jmeridth --- charts/argo-events/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index bfb82ea11..b9f441fe8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.0 +appVersion: v1.8.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.0 +version: 2.4.1 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,6 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Events to v1.8.0 - - kind: added - description: Add managed namespace configuration + description: Upgrade Argo Events to v1.8.1 From cd5b9a06e33b9a7b4b717d2d5e38dee7e16ca20d Mon Sep 17 00:00:00 2001 From: JesseBot Date: Mon, 4 Sep 2023 13:01:36 +0200 Subject: [PATCH 294/356] fix(argo-cd): Update values.yaml - update custom css styles side bar example (#2245) * Update values.yaml - update custom css styles side barexample .nav-bar is no longer the css class name Signed-off-by: JesseBot * Update Chart.yaml - update patch version for values.yaml comment update Signed-off-by: JesseBot * Update Chart.yaml - update change log Signed-off-by: JesseBot --------- Signed-off-by: JesseBot --- charts/argo-cd/Chart.yaml | 8 +++----- charts/argo-cd/values.yaml | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 4c262f653..18d2d2b48 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.0 +version: 5.45.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,7 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: removed - description: Option apiVersionOverrides.autoscaling as v2 is now GA - - kind: removed - description: Codebase for autoscaling/v1 API + - kind: fixed + description: fixed example for configs.styles to be sidebar instead of nav-bar diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 77501eb8a..e0a605430 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -539,7 +539,7 @@ configs: ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ styles: "" # styles: | - # .nav-bar { + # .sidebar { # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); # } From 2557347583f98a34cbe2da83ec30fda68023b982 Mon Sep 17 00:00:00 2001 From: Gustav Kofoed Clausen Date: Thu, 7 Sep 2023 14:23:20 +0200 Subject: [PATCH 295/356] chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 (#2252) * chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 Signed-off-by: Gustav Kofoed Clausen * chore(argo-rollouts): Update CRDs to matching version Signed-off-by: Gustav Kofoed Clausen --------- Signed-off-by: Gustav Kofoed Clausen Co-authored-by: Gustav Kofoed Clausen --- charts/argo-rollouts/Chart.yaml | 8 +- .../templates/crds/analysis-run-crd.yaml | 63 +++++++++++++- .../templates/crds/analysis-template-crd.yaml | 63 +++++++++++++- .../crds/cluster-analysis-template-crd.yaml | 63 +++++++++++++- .../templates/crds/experiment-crd.yaml | 34 +++++++- .../templates/crds/rollout-crd.yaml | 85 ++++++++++++++++++- 6 files changed, 306 insertions(+), 10 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 2aba36f12..457f76a09 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.1 +appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.6 +version: 2.32.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add ability to set namespace on ServiceMonitor resource + - kind: changed + description: Upgrade Argo Rollouts to v1.6.0 diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index bc2e61dbc..7324e908c 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -310,6 +310,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -372,6 +373,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -418,10 +420,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -453,6 +457,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -476,6 +481,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -519,6 +525,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -542,6 +549,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -583,6 +591,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -606,6 +615,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -649,6 +659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -672,6 +683,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -717,6 +729,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -726,6 +739,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -741,6 +755,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -752,6 +767,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -767,6 +783,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -776,6 +793,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1316,6 +1334,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1325,6 +1344,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1340,6 +1360,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1351,6 +1372,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1366,6 +1388,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1375,6 +1398,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1889,6 +1913,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1921,6 +1946,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1930,6 +1956,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1945,6 +1972,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1956,6 +1984,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1971,6 +2000,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1980,6 +2010,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2628,6 +2659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2775,8 +2807,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 2c73c5c96..934790970 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 612608de4..669773748 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index acf989351..2f60d415b 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -158,6 +158,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -223,6 +224,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -269,10 +271,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -304,6 +308,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -327,6 +332,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -370,6 +376,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -393,6 +400,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -434,6 +442,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -457,6 +466,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -500,6 +510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -523,6 +534,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -568,6 +580,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -577,6 +590,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -592,6 +606,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -603,6 +618,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -618,6 +634,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -627,6 +644,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1167,6 +1185,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1176,6 +1195,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1191,6 +1211,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1202,6 +1223,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1217,6 +1239,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1226,6 +1249,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1740,6 +1764,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1772,6 +1797,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1781,6 +1807,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1796,6 +1823,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1807,6 +1835,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1822,6 +1851,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1831,6 +1861,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2479,6 +2510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 45f59ee0c..7faf37904 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -118,6 +118,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic strategy: properties: blueGreen: @@ -624,6 +625,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -742,6 +744,10 @@ spec: type: string ingress: type: string + ingresses: + items: + type: string + type: array rootService: type: string servicePort: @@ -759,7 +765,6 @@ spec: - enabled type: object required: - - ingress - servicePort type: object ambassador: @@ -1003,6 +1008,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -1049,10 +1055,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -1084,6 +1092,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1107,6 +1116,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1150,6 +1160,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1173,6 +1184,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1214,6 +1226,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1237,6 +1250,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1280,6 +1294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1303,6 +1318,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1348,6 +1364,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1357,6 +1374,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1372,6 +1390,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1383,6 +1402,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1398,6 +1418,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1407,6 +1428,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1947,6 +1969,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1956,6 +1979,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1971,6 +1995,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1982,6 +2007,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1997,6 +2023,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2006,6 +2033,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2520,6 +2548,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -2552,6 +2581,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -2561,6 +2591,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -2576,6 +2607,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -2587,6 +2619,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -2602,6 +2635,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2611,6 +2645,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -3259,6 +3294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -3330,6 +3366,8 @@ spec: - arn - name type: object + ingress: + type: string loadBalancer: properties: arn: @@ -3355,6 +3393,49 @@ spec: - name type: object type: object + albs: + items: + properties: + canaryTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + ingress: + type: string + loadBalancer: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + stableTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + type: object + type: array availableReplicas: format: int32 type: integer From 258efc9a0c4c5d6bdd13339489f2689018652218 Mon Sep 17 00:00:00 2001 From: Tamas Szasz Date: Thu, 7 Sep 2023 16:52:17 +0300 Subject: [PATCH 296/356] fix(argo-cd): Make the PathType configurable when using single ingress resource in AWS (#2251) * Make the PathType configurable when using single ingress resource in AWS Signed-off-by: Tamas * update chart version and doc Signed-off-by: Tamas * Fix reference to value in range Signed-off-by: Tamas --------- Signed-off-by: Tamas Co-authored-by: Tamas --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/ingress.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 18d2d2b48..18c029e2e 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.2 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.1 +version: 5.45.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: fixed example for configs.styles to be sidebar instead of nav-bar + description: do not hardcode the pathtype of the grpc ingress rule when using a single ingress resource in aws alb diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 98ec1cb12..a142bb666 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -39,7 +39,7 @@ spec: {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - pathType: Prefix + pathType: {{ $.Values.server.ingressGrpc.pathType }} backend: service: name: {{ template "argo-cd.server.fullname" $ }}-grpc From 3bb85b7d3eb0dfec12f195b5afc06b3bda70b5c3 Mon Sep 17 00:00:00 2001 From: Alexej Disterhoft Date: Fri, 8 Sep 2023 02:08:37 +0200 Subject: [PATCH 297/356] chore(argo-cd): Upgrade Argo CD to v2.8.3 (#2254) Signed-off-by: Alexej Disterhoft --- charts/argo-cd/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 18c029e2e..76534308b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.2 +appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.2 +version: 5.45.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: do not hardcode the pathtype of the grpc ingress rule when using a single ingress resource in aws alb + - kind: changed + description: Upgrade Argo CD to v2.8.3 From 925cd8454ca2c648273e303c06f9f7560ffdc2f1 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 8 Sep 2023 13:10:55 +0900 Subject: [PATCH 298/356] chore(argo-workflows): Upgrade Argo Workflows to v3.4.11 (#2255) --- charts/argo-workflows/Chart.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 1c60fbb4f..60dd66c88 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.10 +appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.1 +version: 0.33.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed comment in values.yaml for blobNameFormat field + - kind: changed + description: Upgrade Argo Workflows to v3.4.11 From 95310f995b24226b2532d28d57f2b6de8687738b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 8 Sep 2023 23:02:25 +0900 Subject: [PATCH 299/356] fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM (#2235) * fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM Signed-off-by: yu-croco * fix(argo-cd): Aligne condition to argocd-cm Signed-off-by: yu-croco --------- Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- .../argocd-application-controller/statefulset.yaml | 3 +++ charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 76534308b..345a2ae1b 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.3 +version: 5.45.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.3 + - kind: fixed + description: Restart Repo Server and Application Controller as following the change of Argo CD CM diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 8faac38da..3583a2b72 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -23,6 +23,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index b9959018e..61fb545a1 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -30,6 +30,9 @@ spec: {{- if .Values.repoServer.certificateSecret.enabled }} checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} {{- end }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 34663ae9e6528098cc54a4465634154d48b14fce Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Fri, 8 Sep 2023 16:58:05 +0200 Subject: [PATCH 300/356] docs(argo-cd): Document scheduling parameters for redis-ha (#2253) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 10 ++++++++++ charts/argo-cd/values.yaml | 37 +++++++++++++++++++++++++++++++------ 3 files changed, 44 insertions(+), 9 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 345a2ae1b..39ecaeb6d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.4 +version: 5.45.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Restart Repo Server and Application Controller as following the change of Argo CD CM + - kind: added + description: Documented scheduling parameters for redis-ha diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 125fcf697..49abfcea3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -998,17 +998,27 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| +| redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | +| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | +| redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | +| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | +| redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | +| redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | +| redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | +| redis-ha.image.repository | string | `"redis"` | Redis repository | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +| redis-ha.tolerations | list | `[]` | [Tolerations] for use with node taints for Redis pods. | +| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. | | redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index e0a605430..a9ab7ad63 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1371,12 +1371,17 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} -# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) -# the custom redis deployment is omitted -# Check the redis-ha chart for more properties +## Redis-HA subchart replaces custom redis deployment when `redis-ha.enabled=true` +# Ref: https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/values.yaml redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Redis image + image: + # -- Redis repository + repository: redis + # -- Redis tag + tag: 7.0.11-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar @@ -1388,6 +1393,7 @@ redis-ha: persistentVolume: # -- Configures persistence on Redis nodes enabled: false + ## Redis specific configuration options redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated masterGroupName: argocd @@ -1397,16 +1403,35 @@ redis-ha: # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled # @default -- `'""'` save: '""' + ## Enables a HA Proxy for better LoadBalancing / Sentinel Master support. Automatically proxies to Redis master. haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true metrics: # -- HAProxy enable prometheus metric scraping enabled: true - image: - # -- Redis tag - tag: 7.0.11-alpine + # -- Whether the haproxy pods should be forced to run on separate nodes. + hardAntiAffinity: true + # -- Additional affinities to add to the haproxy pods. + additionalAffinities: {} + # -- Assign custom [affinity] rules to the haproxy pods. + affinity: {} + # -- [Tolerations] for use with node taints for haproxy pods. + tolerations: [] + + # -- Whether the Redis server pods should be forced to run on separate nodes. + hardAntiAffinity: true + + # -- Additional affinities to add to the Redis server pods. + additionalAffinities: {} + + # -- Assign custom [affinity] rules to the Redis pods. + affinity: {} + + # -- [Tolerations] for use with node taints for Redis pods. + tolerations: [] + # -- Assign custom [TopologySpreadConstraints] rules to the Redis pods. ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: # -- Enable Redis HA topology spread constraints From eebb8c8d489ea41ce5ba388a14208c8e05cff67a Mon Sep 17 00:00:00 2001 From: Andrew Hamilton Date: Sat, 9 Sep 2023 01:55:47 -0700 Subject: [PATCH 301/356] feat(argo-cd): adds toggle for helm-working-dir (#2249) - Adds a toggle to be able to turn off the helm-working-dir for the repo server deployment. Using a shared helm repo storage directory can cause issues when multiple helm commands are being run in parallel. The repo server also has the ability to rebuild the repos and do updates in the normal flow for checking the status of an application so it won't cause issues if it's disabled. Signed-off-by: Andrew Hamilton --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 1 + charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 6 ++++++ charts/argo-cd/values.yaml | 3 +++ 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 39ecaeb6d..fcbd06424 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.45.5 +version: 5.46.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Documented scheduling parameters for redis-ha + description: added a toggle for the shared Helm working directory diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 49abfcea3..5b780b0bd 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -655,6 +655,7 @@ NAME: my-release | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 61fb545a1..3080c79fd 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -231,12 +231,14 @@ spec: key: reposerver.enable.git.submodule name: argocd-cmd-params-cm optional: true + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir - name: HELM_CONFIG_HOME value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir + {{- end }} {{- with .Values.repoServer.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -255,8 +257,10 @@ spec: name: gpg-keyring - mountPath: /app/config/reposerver/tls name: argocd-repo-server-tls + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - mountPath: /helm-working-dir name: helm-working-dir + {{- end }} - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp @@ -349,8 +353,10 @@ spec: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} {{- end }} + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: helm-working-dir emptyDir: {} + {{- end }} - name: plugins emptyDir: {} - name: var-files diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index a9ab7ad63..22dcfcc63 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2177,6 +2177,9 @@ repoServer: # - name: cmp-tmp # emptyDir: {} + # -- Toggle the usage of a ephemeral Helm working directory + useEphemeralHelmWorkingDir: true + # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} From 738fe78d2096b6543114b1d94d5dba6157b78adf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 18:39:19 +0900 Subject: [PATCH 302/356] chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#2258) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index a78bf610a..52e4746b9 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9ad42ed76..0c8f7cbf0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3f00b6dd5..86ff1a7ba 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: persist-credentials: false From 366114b3db06170065a80eeb773c010ad7f251d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 9 Sep 2023 18:40:59 +0900 Subject: [PATCH 303/356] chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2259) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/0b7f8abb1508181956e8e162db84b466c27e18ce...a8a3f3ad30e3422c9c7b888a15615d19a852ae32) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 86ff1a7ba..8a924219d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: SARIF file path: results.sarif From db76bbed97c6be2248446debdc00e1c75cb6f3f5 Mon Sep 17 00:00:00 2001 From: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Date: Sat, 9 Sep 2023 21:57:17 -0400 Subject: [PATCH 304/356] docs(argo-workflows): add an HA section (#2183) * feat(argo-workflows): add a sample HA config - a `values-ha.yaml` as an example for how one would set-up HA according to the Argo Workflows docs Signed-off-by: Anton Gilgur * docs(argo-workflows): add an HA section - plus add a test for HA, which the docs link to as an example - link back to [upstream docs](https://argoproj.github.io/argo-workflows/high-availability/) as well - follow the same basic structure as the [Argo CD chart for HA](https://github.com/argoproj/argo-helm/blob/3e35b0c7f7d758d553b17f369cc5940484ef5d89/charts/argo-cd/README.md?plain=1#L17) - as asked in review Signed-off-by: Anton Gilgur --------- Signed-off-by: Anton Gilgur Signed-off-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Aikawa --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 5 +++++ charts/argo-workflows/README.md.gotmpl | 5 +++++ charts/argo-workflows/ci/ha-values.yaml | 23 +++++++++++++++++++++++ 4 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 charts/argo-workflows/ci/ha-values.yaml diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 60dd66c88..85de8f7e5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.2 +version: 0.33.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Workflows to v3.4.11 + - kind: fixed + description: Add HA docs and example diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index ef78bc5ba..732baecdd 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 8316e9a0a..60aa62afa 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/ci/ha-values.yaml b/charts/argo-workflows/ci/ha-values.yaml new file mode 100644 index 000000000..3dfbb572a --- /dev/null +++ b/charts/argo-workflows/ci/ha-values.yaml @@ -0,0 +1,23 @@ +# Sample values for High Availability configuration, following https://argoproj.github.io/argo-workflows/high-availability/ + +controller: + # in v3.0+, a second controller can be ran as a hot-standby: https://argoproj.github.io/argo-workflows/high-availability/#workflow-controller + replicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 + +server: + # enable HPA with at least two Pods + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: true + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 From 95f56b534c69b33190f0db106a93e6781a7b6ed4 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Mon, 11 Sep 2023 22:24:21 +0900 Subject: [PATCH 305/356] fix(argo-cd): Migrate leftover of applicationSet.replicaCount to applicationSet.replicas (#2261) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/_helpers.tpl | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index fcbd06424..291f33dc7 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.0 +version: 5.46.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: added a toggle for the shared Helm working directory + - kind: fixed + description: Migrate leftover of applicationSet.replicaCount to applicationSet.replicas diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 058526862..b5d62a6ab 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -201,7 +201,7 @@ NOTE: Configuration keys must be stored as dict because YAML treats dot as separ {{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} {{- end -}} {{- if .Values.applicationSet.enabled -}} -{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt (.Values.applicationSet.replicaCount | int64) 1) -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt ((.Values.applicationSet.replicas | default .Values.applicationSet.replicaCount) | int64) 1) -}} {{- end -}} {{- toYaml $presets }} {{- end -}} From d51d3c6b692e9729869bb1180bcaa7b18ef1f771 Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Mon, 11 Sep 2023 19:32:56 -0400 Subject: [PATCH 306/356] docs(argo-cd): improve changelog (#2262) * clarify 5.19.0 changes * revise wording Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/README.md.gotmpl | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 291f33dc7..82e892e26 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.3 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.1 +version: 5.46.2 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Migrate leftover of applicationSet.replicaCount to applicationSet.replicas + - kind: changed + description: Improve readme migration notes diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 5b780b0bd..abb6be29e 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -106,7 +106,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index dce6d9224..5dc048b44 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -105,7 +105,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 From c7e05467a4c9217e69405c3b46bc1857dc2382d9 Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Tue, 12 Sep 2023 17:37:00 +0300 Subject: [PATCH 307/356] Argo-cd 2.8 + merge upstream 5.46.2 (#21) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(argocd-apps): add permitOnlyProjectScopedClusters flag (#2149) Signed-off-by: Fabián Sellés Rosa <1088313+Fsero@users.noreply.github.com> * feat(argo-cd): Allow configuring Dex's init image resources separately (#2161) Allow configuring Dex's init image resources separately Signed-off-by: Angelo Ross * chore(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (#2163) Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/fa81e57adff234b2908110485695db0f181f3c67...dda0770415bac9fc20092cacbc54aa298604d140) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/labeler from 4.2.0 to 4.3.0 (#2164) Bumps [actions/labeler](https://github.com/actions/labeler) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/0967ca812e7fdc8f5f71402a1b486d5bd061fe20...ac9175f8a1f3625fd0d4fb234536d26811351594) --- updated-dependencies: - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa * chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#2165) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/bd6b4b6205c4dbad673328db7b31b7fab9e241c0...61a6322f88396a6271a6ee3565807d608ecaddd1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa * fix(argo-cd): Ensure `app.kubernetes.io/version` label is valid (#2148) Signed-off-by: Mathieu Parent * feat(argo-cd): allow configurable hpa metrics (#2166) * allow configurable HPA metrics Signed-off-by: Zach Swanson * update docs Signed-off-by: Zach Swanson * Update chart version and changelog Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson * Fix values/readme reference to repo server Signed-off-by: Zach Swanson --------- Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson <1272954+zswanson@users.noreply.github.com> * feat(argo-cd): make ServiceMonitor deployment conditional on CRD existence (#2154) * made ServiceMonitor deployment conditional on CRD existence Signed-off-by: alex-souslik-hs * remove non ArgoCD changes Signed-off-by: alex-souslik-hs * add newline Signed-off-by: Alex Souslik * Change chage description Signed-off-by: Alex Souslik * Update charts/argo-cd/Chart.yaml Co-authored-by: Marco Kilchhofer Signed-off-by: Alex Souslik --------- Signed-off-by: alex-souslik-hs Signed-off-by: Alex Souslik Co-authored-by: Marco Kilchhofer * feat(argo-cd): Upgrade argocd to v2.7.8 (#2173) Signed-off-by: smcavallo * feat(argo-rollouts): Upgrade Argo Rollouts to v1.5.1 (#2174) * chore(argo-workflows): Upgrade to 3.4.9 (#2175) chore(argo-workflow): Upgrade to 3.4.9 - [ ] update CRD changes Signed-off-by: jmeridth * feat(argocd-apps): syncOptions for applications (#2176) Signed-off-by: Mathieu Parent Co-authored-by: Aikawa * fix(argocd-apps): fix indent of syncOptions (#2181) * chore(github): use table for Emeritus (#2182) - to matches how `argoproj` lists Alumni (https://github.com/argoproj/argoproj/blob/6011d3e17300d4b642a1ab5bdb3551c5f6da9021/MAINTAINERS.md?plain=1#L11) - though it has more details including role and affiliation. could do that here too, but I don't know what all those are, so left those columns out - fortunately everyone's name was listed on their profile, so just copy+paste those! - confirmed that all links work Signed-off-by: Anton Gilgur * fix(argo-rollouts): Use annotation cont metrics (#2184) * fix(argo-rollouts): Use annotation cont metrics Signed-off-by: Artur Mudrykh * fix(argo-rollouts): add changes and bump version Signed-off-by: Artur Mudrykh * fix chart.yaml Signed-off-by: Artur Mudrykh --------- Signed-off-by: Artur Mudrykh Co-authored-by: Artur Mudrykh * chore(argo-cd): Upgrade Argo CD to v2.7.9 (#2186) feat(argo-cd): Upgrade argocd to v2.7.9 Signed-off-by: Venkata Mutyala * feat(argo-workflows): allow setting executor args (#2177) * feat(argo-cd): add labels to notifications secret (#2191) (#2192) Signed-off-by: carlos gonzález * chore(argo-cd): Upgrade Argo CD to v2.7.10 (#2197) Signed-off-by: yu-croco * fix(argo-rollouts): fix helm lint error when extraObjects is defined (#2196) fix(extra-manifests): fix helm lint error when extraObjecrts is defined Signed-off-by: Grégory SANCHEZ Co-authored-by: Jason Meridth * fix(argo-cd): Template configuration keys as a string instead of map (#2205) * fix(argo-rollouts): Add required ingress permission (#2207) * chore(argo-cd): Upgrade Argo CD to v2.7.11 (#2210) Signed-off-by: yu-croco * feat(github): add Helm OCI support (#2209) Signed-off-by: Engin Diri * feat(argo-cd): Upgrade Argo CD to 2.8.0 (#2170) Signed-off-by: Petr Drastil Co-authored-by: Aikawa * fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts (#2198) * fix(argo-rollouts): add CI for enabling extra objects for argo-rollouts Add CI for extra objects Signed-off-by: jmeridth * fix: rename extra objects ci file to have -values suffix Signed-off-by: jmeridth --------- Signed-off-by: jmeridth Co-authored-by: Aikawa * fix(argo-cd): Fix global log level configuration (#2213) fix(argo-cd) - Fix global log level configuration Signed-off-by: Petr Drastil * chore(argo-cd): Change applicationSet replicaCount to replicas (#2214) Signed-off-by: Petr Drastil * fix(argo-cd): add missing permissions to run actions (#2212) Signed-off-by: Mickaël Canévet * fix(argo-workflows): Server only needs `get` Secrets (#2211) - as of https://github.com/argoproj/argo-workflows/commit/aa366db345d794f0d330336d51eb2a88f14ebbe6, the Server no longer needs `list` or `watch` and only uses `get` - this was released as part of [v3.4.0](https://github.com/argoproj/argo-workflows/blob/master/CHANGELOG.md#v340-rc1-2022-08-09), and the current version of the chart uses v3.4.9 (per `Chart.yaml#appVersion`) - `update` is not needed either for SSO secret - manifests RBAC: https://github.com/argoproj/argo-workflows/blob/a68ea0feabc87c09d5e13d12e6f0d1a61adc5b16/manifests/cluster-install/argo-server-rbac/argo-server-clusterole.yaml#L18 - SSO source code only uses [`create`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L140) and [`get`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L151) - (also some `get`s above that for [`clientID`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L127) and [`clientSecret`](https://github.com/argoproj/argo-workflows/blob/20d0923611f1df6b7147c3547aeeff6b6bfecf18/server/auth/sso/sso.go#L106) as well) Signed-off-by: Anton Gilgur Co-authored-by: Aikawa Co-authored-by: Jason Meridth * docs(argo-cd): Rename comment of repositoryCredentials to credentialTemplates (#2219) Rename comment of repositoryCredentials to credentialTemplates Signed-off-by: Ali Reza * feat(argo-rollouts): update servicemonitor.yaml to allow for namespace to be set (#2222) * Update servicemonitor.yaml to allow for namespace to be set Signed-off-by: Nick Kampe * Update README.md Signed-off-by: Nick Kampe * Update values.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Update Chart.yaml Signed-off-by: Nick Kampe * Alphabetized namespace addition in README Signed-off-by: Nick Kampe --------- Signed-off-by: Nick Kampe * chore(argo-workflows): Upgrade to Argo Workflows v3.4.10 (#2220) * feat(argo-workflows): add imagePullSecret for workflow sa (#2226) Signed-off-by: Fuochi * chore(argo-workflows): update comment for azure artifact repository blobNameFormat (#2229) * chore(argo-cd): Upgrade Argo CD to v2.8.1 (#2230) Signed-off-by: yu-croco * chore(argo-cd): Upgrade Argo CD to v2.8.2 (#2231) Signed-off-by: yu-croco * fix(argo-cd): Fix applicationSet HA examples in README.md (#2232) Signed-off-by: Joonas Venäläinen * chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#2234) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(argo-cd): Upgrade redis-exporter to 1.53.0 (#2236) Signed-off-by: Petr Drastil Co-authored-by: Aikawa * chore(argo-cd): Remove support for legacy cert-manager APIs (#2238) * chore(argo-cd): Remove support for legacy cert-manager APIs Signed-off-by: Petr Drastil * Bump minor version Signed-off-by: Petr Drastil --------- Signed-off-by: Petr Drastil * chore(argo-cd): Remove support for autoscaling/v1 (#2237) Signed-off-by: Petr Drastil * chore(argo-events): Upgrade argo-events to 1.8.1 (#2247) https://github.com/argoproj/argo-events/releases/tag/v1.8.1 Signed-off-by: jmeridth * fix(argo-cd): Update values.yaml - update custom css styles side bar example (#2245) * Update values.yaml - update custom css styles side barexample .nav-bar is no longer the css class name Signed-off-by: JesseBot * Update Chart.yaml - update patch version for values.yaml comment update Signed-off-by: JesseBot * Update Chart.yaml - update change log Signed-off-by: JesseBot --------- Signed-off-by: JesseBot * chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 (#2252) * chore(argo-rollouts): Upgrade Argo Rollouts to v1.6.0 Signed-off-by: Gustav Kofoed Clausen * chore(argo-rollouts): Update CRDs to matching version Signed-off-by: Gustav Kofoed Clausen --------- Signed-off-by: Gustav Kofoed Clausen Co-authored-by: Gustav Kofoed Clausen * fix(argo-cd): Make the PathType configurable when using single ingress resource in AWS (#2251) * Make the PathType configurable when using single ingress resource in AWS Signed-off-by: Tamas * update chart version and doc Signed-off-by: Tamas * Fix reference to value in range Signed-off-by: Tamas --------- Signed-off-by: Tamas Co-authored-by: Tamas * chore(argo-cd): Upgrade Argo CD to v2.8.3 (#2254) Signed-off-by: Alexej Disterhoft * chore(argo-workflows): Upgrade Argo Workflows to v3.4.11 (#2255) * fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM (#2235) * fix(argo-cd): Restart Repo Server and Application Controller as following the change of Argo CD CM Signed-off-by: yu-croco * fix(argo-cd): Aligne condition to argocd-cm Signed-off-by: yu-croco --------- Signed-off-by: yu-croco * docs(argo-cd): Document scheduling parameters for redis-ha (#2253) Signed-off-by: Petr Drastil * feat(argo-cd): adds toggle for helm-working-dir (#2249) - Adds a toggle to be able to turn off the helm-working-dir for the repo server deployment. Using a shared helm repo storage directory can cause issues when multiple helm commands are being run in parallel. The repo server also has the ability to rebuild the repos and do updates in the normal flow for checking the status of an application so it won't cause issues if it's disabled. Signed-off-by: Andrew Hamilton * chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#2258) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2259) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/0b7f8abb1508181956e8e162db84b466c27e18ce...a8a3f3ad30e3422c9c7b888a15615d19a852ae32) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa * docs(argo-workflows): add an HA section (#2183) * feat(argo-workflows): add a sample HA config - a `values-ha.yaml` as an example for how one would set-up HA according to the Argo Workflows docs Signed-off-by: Anton Gilgur * docs(argo-workflows): add an HA section - plus add a test for HA, which the docs link to as an example - link back to [upstream docs](https://argoproj.github.io/argo-workflows/high-availability/) as well - follow the same basic structure as the [Argo CD chart for HA](https://github.com/argoproj/argo-helm/blob/3e35b0c7f7d758d553b17f369cc5940484ef5d89/charts/argo-cd/README.md?plain=1#L17) - as asked in review Signed-off-by: Anton Gilgur --------- Signed-off-by: Anton Gilgur Signed-off-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Aikawa * fix(argo-cd): Migrate leftover of applicationSet.replicaCount to applicationSet.replicas (#2261) Signed-off-by: yu-croco * docs(argo-cd): improve changelog (#2262) * clarify 5.19.0 changes * revise wording Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --------- Signed-off-by: Fabián Sellés Rosa <1088313+Fsero@users.noreply.github.com> Signed-off-by: Angelo Ross Signed-off-by: dependabot[bot] Signed-off-by: Mathieu Parent Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson Signed-off-by: Zach Swanson <1272954+zswanson@users.noreply.github.com> Signed-off-by: alex-souslik-hs Signed-off-by: Alex Souslik Signed-off-by: smcavallo Signed-off-by: jmeridth Signed-off-by: Anton Gilgur Signed-off-by: Artur Mudrykh Signed-off-by: Venkata Mutyala Signed-off-by: carlos gonzález Signed-off-by: yu-croco Signed-off-by: Grégory SANCHEZ Signed-off-by: Engin Diri Signed-off-by: Petr Drastil Signed-off-by: Mickaël Canévet Signed-off-by: Ali Reza Signed-off-by: Nick Kampe Signed-off-by: Fuochi Signed-off-by: Joonas Venäläinen Signed-off-by: JesseBot Signed-off-by: Gustav Kofoed Clausen Signed-off-by: Tamas Signed-off-by: Alexej Disterhoft Signed-off-by: Andrew Hamilton Signed-off-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Co-authored-by: Fabián Sellés Rosa <1088313+Fsero@users.noreply.github.com> Co-authored-by: Angelo Ross Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aikawa Co-authored-by: Mathieu Parent Co-authored-by: Zach Swanson <1272954+zswanson@users.noreply.github.com> Co-authored-by: Alex Souslik Co-authored-by: Marco Kilchhofer Co-authored-by: smcavallo Co-authored-by: Takuma Kume Co-authored-by: Jason Meridth Co-authored-by: Anton Gilgur <4970083+agilgur5@users.noreply.github.com> Co-authored-by: Artur Co-authored-by: Artur Mudrykh Co-authored-by: Venkata Mutyala Co-authored-by: Andy Cobaugh Co-authored-by: carlos gonzález Co-authored-by: Grégory SANCHEZ Co-authored-by: Petr Drastil Co-authored-by: Engin Diri Co-authored-by: Mickaël Canévet Co-authored-by: Ali Reza Co-authored-by: Nick Kampe Co-authored-by: Fuochi Co-authored-by: Jeongwon Song <46633758+jsong336@users.noreply.github.com> Co-authored-by: Joonas Venäläinen <38143731+joonvena@users.noreply.github.com> Co-authored-by: JesseBot Co-authored-by: Gustav Kofoed Clausen Co-authored-by: Gustav Kofoed Clausen Co-authored-by: Tamas Szasz Co-authored-by: Tamas Co-authored-by: Alexej Disterhoft Co-authored-by: Andrew Hamilton Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 8 +- .github/workflows/pr-sizing.yml | 2 +- .github/workflows/publish.yml | 5 +- .github/workflows/scorecard.yml | 4 +- EMERITUS.md | 14 +- charts/argo-cd/Chart.yaml | 8 +- charts/argo-cd/README.md | 37 +- charts/argo-cd/README.md.gotmpl | 8 +- charts/argo-cd/templates/NOTES.txt | 15 +- charts/argo-cd/templates/_common.tpl | 9 +- charts/argo-cd/templates/_helpers.tpl | 37 +- charts/argo-cd/templates/_versions.tpl | 32 - .../servicemonitor.yaml | 2 +- .../statefulset.yaml | 15 + .../argocd-applicationset/certificate.yaml | 2 +- .../argocd-applicationset/deployment.yaml | 75 +- .../argocd-applicationset/servicemonitor.yaml | 2 +- .../argocd-notifications-secret.yaml | 3 + .../argocd-notifications/servicemonitor.yaml | 2 +- .../argocd-repo-server/deployment.yaml | 21 + .../templates/argocd-repo-server/hpa.yaml | 32 +- .../argocd-repo-server/servicemonitor.yaml | 2 +- .../templates/argocd-server/certificate.yaml | 2 +- .../templates/argocd-server/clusterrole.yaml | 12 + .../templates/argocd-server/deployment.yaml | 12 + .../argo-cd/templates/argocd-server/hpa.yaml | 32 +- .../templates/argocd-server/ingress.yaml | 2 +- .../argocd-server/servicemonitor.yaml | 2 +- .../templates/crds/crd-application.yaml | 168 +- .../templates/crds/crd-applicationset.yaml | 4542 ++++++++++++----- charts/argo-cd/templates/dex/deployment.yaml | 2 +- .../argo-cd/templates/dex/servicemonitor.yaml | 2 +- .../templates/redis/servicemonitor.yaml | 2 +- charts/argo-cd/values.yaml | 76 +- charts/argo-events/Chart.yaml | 8 +- charts/argo-rollouts/Chart.yaml | 8 +- charts/argo-rollouts/README.md | 2 + .../ci/enable-extra-objects-values.yaml | 14 + .../templates/controller/clusterrole.yaml | 1 + .../templates/controller/metrics-service.yaml | 5 +- .../templates/controller/role.yaml | 1 + .../templates/controller/servicemonitor.yaml | 2 +- .../templates/crds/analysis-run-crd.yaml | 63 +- .../templates/crds/analysis-template-crd.yaml | 63 +- .../crds/cluster-analysis-template-crd.yaml | 63 +- .../templates/crds/experiment-crd.yaml | 34 +- .../templates/crds/rollout-crd.yaml | 88 +- .../templates/extra-manifests.yaml | 2 +- charts/argo-rollouts/values.yaml | 4 + charts/argo-workflows/Chart.yaml | 8 +- charts/argo-workflows/README.md | 7 + charts/argo-workflows/README.md.gotmpl | 5 + charts/argo-workflows/ci/ha-values.yaml | 23 + .../workflow-controller-config-map.yaml | 5 +- .../templates/controller/workflow-sa.yaml | 4 + .../server/server-cluster-roles.yaml | 3 - charts/argo-workflows/values.yaml | 6 +- charts/argocd-apps/Chart.yaml | 6 +- .../argocd-apps/ci/applications-values.yaml | 2 + charts/argocd-apps/templates/projects.yaml | 3 + charts/argocd-apps/values.yaml | 3 + 61 files changed, 4144 insertions(+), 1478 deletions(-) create mode 100644 charts/argo-rollouts/ci/enable-extra-objects-values.yaml create mode 100644 charts/argo-workflows/ci/ha-values.yaml diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 9b9a18701..f717c3229 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@bd6b4b6205c4dbad673328db7b31b7fab9e241c0 # v4.6.1 + uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 with: python-version: 3.9 @@ -70,7 +70,7 @@ jobs: fi - name: Create kind cluster - uses: helm/kind-action@fa81e57adff234b2908110485695db0f181f3c67 # v1.7.0 + uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 if: steps.list-changed.outputs.changed == 'true' with: config: .github/configs/kind-config.yaml diff --git a/.github/workflows/pr-sizing.yml b/.github/workflows/pr-sizing.yml index 18a87c50e..d22ac7503 100644 --- a/.github/workflows/pr-sizing.yml +++ b/.github/workflows/pr-sizing.yml @@ -16,7 +16,7 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@0967ca812e7fdc8f5f71402a1b486d5bd061fe20 # v4.2.0 + - uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0 with: configuration-path: ".github/configs/labeler.yaml" repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 847214174..ca354e863 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -4,6 +4,8 @@ on: push: branches: - argo-cd + paths: + - "charts/**" permissions: contents: read @@ -12,10 +14,11 @@ jobs: publish: permissions: contents: write # for helm/chart-releaser-action to push chart release and create a release + packages: write # to push OCI chart package to GitHub Registry runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 066d3c57e..8a924219d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 with: persist-credentials: false @@ -60,7 +60,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: name: SARIF file path: results.sarif diff --git a/EMERITUS.md b/EMERITUS.md index 2c2996902..c0ff96740 100644 --- a/EMERITUS.md +++ b/EMERITUS.md @@ -4,9 +4,11 @@ These are the people who have been approvers in the past, and have since retired We thank them for their service to the project. -* @oliverbaehler -* @stefansedich -* @paguos -* @yann-soubeyrand -* @davidkarlsen -* @jbehling +| Emeritus | GitHub ID | +| -------- | --------- | +| Oliver Bähler | [oliverbaehler](https://github.com/oliverbaehler) | +| Stefan Sedich | [stefansedich](https://github.com/stefansedich) | +| Pablo Osinaga | [paguos](https://github.com/paguos) | +| Yann Soubeyrand | [yann-soubeyrand](https://github.com/yann-soubeyrand) | +| David J. M. Karlsen | [davidkarlsen](https://github.com/davidkarlsen) | +| John Behling | [jbehling](https://github.com/jbehling) | diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 49ccc8d13..b7b943018 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.7.0-cap-CR-19754-deletion-fix +appVersion: v2.8.1-cap-CR-20116-rollout-sync-sha kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.38.1-2-cap-CR-19754 +version: 5.46.2-1-cap-CR-20116 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,6 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update ArgoCD version to v2.7.0-cap-CR-19754-deletion-fix + description: Update to upstream 5.46.2 + - kind: changed + description: Update ArgoCD version to v2.8.1-cap-CR-20116-rollout-sync-sha diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 0cb7571dc..982ee13da 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -42,7 +42,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -61,7 +61,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository @@ -106,7 +106,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 @@ -383,8 +383,6 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| -| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | -| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | @@ -461,7 +459,7 @@ NAME: my-release | configs.params."reposerver.parallelism.limit" | int | `0` | Limit on number of concurrent manifests generate requests. Any value less the 1 means no limit. | | configs.params."server.basehref" | string | `"/"` | Value for base href in index.html. Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.disable.auth" | bool | `false` | Disable Argo CD RBAC for user authentication | -| configs.params."server.enable.gzip" | bool | `false` | Enable GZIP compression | +| configs.params."server.enable.gzip" | bool | `true` | Enable GZIP compression | | configs.params."server.insecure" | bool | `false` | Run server without TLS | | configs.params."server.rootpath" | string | `""` | Used if Argo CD is running behind reverse proxy under subpath different from / | | configs.params."server.staticassets" | string | `"/shared/app"` | Directory path that contains additional static assets | @@ -573,9 +571,10 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | repoServer.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| repoServer.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | repoServer.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the repo server | | repoServer.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the repo server [HPA] | +| repoServer.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD repo server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | repoServer.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the repo server [HPA] | | repoServer.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the repo server [HPA] | | repoServer.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the repo server [HPA] | @@ -656,6 +655,7 @@ NAME: my-release | repoServer.serviceAccount.name | string | `""` | Repo server service account name | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | +| repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | | repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container | | repoServer.volumes | list | `[]` | Additional volumes to the repo server pod | @@ -670,9 +670,10 @@ NAME: my-release | server.GKEmanagedCertificate.domains | list | `["argocd.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | -| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | +| server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo CD server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo CD server [HPA] | +| server.autoscaling.metrics | list | `[]` | Configures custom HPA metrics for the Argo CD server Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | server.autoscaling.minReplicas | int | `1` | Minimum number of replicas for the Argo CD server [HPA] | | server.autoscaling.targetCPUUtilizationPercentage | int | `50` | Average CPU utilization percentage for the Argo CD server [HPA] | | server.autoscaling.targetMemoryUtilizationPercentage | int | `50` | Average memory utilization percentage for the Argo CD server [HPA] | @@ -864,6 +865,7 @@ server: | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | | dex.initImage.repository | string | `""` (defaults to global.image.repository) | Argo CD init image repository | +| dex.initImage.resources | object | `{}` (defaults to dex.resources) | Argo CD init image resources | | dex.initImage.tag | string | `""` (defaults to global.image.tag) | Argo CD init image tag | | dex.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for Dex >= 2.28.0 | | dex.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | @@ -939,7 +941,7 @@ server: | redis.exporter.env | list | `[]` | Environment variables to pass to the Redis exporter | | redis.exporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the redis-exporter | | redis.exporter.image.repository | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis.exporter.image.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis.exporter.image.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis.exporter.resources | object | `{}` | Resource limits and requests for redis-exporter sidecar | | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | @@ -997,17 +999,27 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| +| redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | +| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | -| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | +| redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | +| redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | +| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | +| redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | +| redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | +| redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | +| redis-ha.image.repository | string | `"redis"` | Redis repository | | redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated | +| redis-ha.tolerations | list | `[]` | [Tolerations] for use with node taints for Redis pods. | +| redis-ha.topologySpreadConstraints | object | `{"enabled":false,"maxSkew":"","topologyKey":"","whenUnsatisfiable":""}` | Assign custom [TopologySpreadConstraints] rules to the Redis pods. | | redis-ha.topologySpreadConstraints.enabled | bool | `false` | Enable Redis HA topology spread constraints | | redis-ha.topologySpreadConstraints.maxSkew | string | `""` (defaults to `1`) | Max skew of pods tolerated | | redis-ha.topologySpreadConstraints.topologyKey | string | `""` (defaults to `topology.kubernetes.io/zone`) | Topology key for spread | @@ -1110,7 +1122,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | | applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | | applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | -| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run | +| applicationSet.replicas | int | `1` | The number of ApplicationSet controller pods to run | | applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. | | applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations | | applicationSet.service.labels | object | `{}` | ApplicationSet service labels | @@ -1192,6 +1204,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret | | notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret | | notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret | +| notifications.secret.labels | object | `{}` | key:value pairs of labels to be added to the secret | | notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | notifications.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | | notifications.serviceAccount.create | bool | `true` | Create notifications controller service account | diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index f1dea7f2d..5dc048b44 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -41,7 +41,7 @@ repoServer: minReplicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### HA mode without autoscaling @@ -60,7 +60,7 @@ repoServer: replicas: 2 applicationSet: - replicaCount: 2 + replicas: 2 ``` ### Synchronizing Changes from Original Repository @@ -105,7 +105,7 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. ### 5.35.0 -This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with Amazon EKS calendar, because many of AWS users and conservative approach. +This version supports Kubernetes version `>=1.23.0-0`. The current supported version of Kubernetes is v1.24 or later and we align with the Amazon EKS calendar, because many AWS users follow a conservative approach. Please see more information about EoL: [Amazon EKS EoL][EKS EoL]. @@ -126,7 +126,7 @@ This versions adds `global.affinity` options that are used as a presets. Overrid ### 5.19.0 -This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provide this values please move them into new `configs.ssh` and `configs.tls` sections. +This version consolidates config for custom repository TLS certificates and SSH known hosts. If you provided these values (`configs.knownHosts.*`, `configs.knownHostsAnnotations`, `configs.tlsCerts`, `configs.tlsCertsAnnotations`) please move them into new `configs.ssh` and `configs.tls` sections. You can also use new option `configs.ssh.extraHosts` to configure your SSH keys without maintaing / overwritting keys for public Git repositories. ### 5.13.0 diff --git a/charts/argo-cd/templates/NOTES.txt b/charts/argo-cd/templates/NOTES.txt index 5f9617766..1b6267969 100644 --- a/charts/argo-cd/templates/NOTES.txt +++ b/charts/argo-cd/templates/NOTES.txt @@ -52,8 +52,6 @@ DEPRECATED option configs.gpgKeys - Use config.gpg.keys {{- if .Values.configs.gpgKeysAnnotations }} DEPRECATED option configs.gpgKeysAnnotations - Use config.gpg.annotations {{- end }} -<<<<<<< HEAD -======= {{- if hasKey (.Values.controller.clusterAdminAccess | default dict) "enabled" }} DEPRECATED option .controller.clusterAdminAccess.enabled - Use createClusterRoles {{- end }} @@ -75,6 +73,9 @@ DEPRECATED option configs.tlsCertsAnnotations - Use configs.tls.annotations {{- if hasKey .Values.configs "tlsCerts" }} DEPRECATED option configs.tlsCerts.data - Use configs.tls.certificates {{- end }} +{{- if .Values.applicationSet.replicaCount }} +DEPRECATED option applicationSet.replicaCount - Use applicationSet.replicas +{{- end }} {{- if .Values.applicationSet.logFormat }} DEPRECATED option applicationSet.logFormat - Use configs.params.applicationsetcontroller.log.format {{- end }} @@ -87,7 +88,6 @@ DEPRECATED option applicationSet.args.policy - Use configs.params.applicationset {{- if .Values.applicationSet.args.dryRun }} DEPRECATED option applicationSet.args.dryRun - Use configs.params.applicationsetcontroller.dryRun {{- end }} ->>>>>>> argo-cd-5.27.1 {{- if .Values.controller.service }} REMOVED option controller.service - Use controller.metrics {{- end }} @@ -100,8 +100,6 @@ REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug {{- if .Values.applicationSet.args.enableLeaderElection }} REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas {{- end }} -<<<<<<< HEAD -======= {{- if .Values.controller.containerPort }} REMOVED option controller.containerPort - Use controller.containerPorts {{- end }} @@ -123,7 +121,12 @@ REMOVED option redis.containerPort - Use redis.containerPorts {{- if .Values.redis.metrics.containerPort }} REMOVED option redis.metrics.containerPort - Use redis.containerPorts {{- end }} ->>>>>>> argo-cd-5.27.1 +{{- if .Values.apiVersionOverrides.autoscaling }} +REMOVED option apiVersionOverrides.autoscaling - API autoscaling/v2 is GA from 1.23 +{{- end }} +{{- if .Values.apiVersionOverrides.certmanager }} +REMOVED option apiVersionOverrides.certmanager - API v1 is only possible option after K8s 1.22 +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo-cd/templates/_common.tpl b/charts/argo-cd/templates/_common.tpl index f8c84c9c2..4173876c6 100644 --- a/charts/argo-cd/templates/_common.tpl +++ b/charts/argo-cd/templates/_common.tpl @@ -38,6 +38,13 @@ Create Argo CD app version {{- default .Chart.AppVersion .Values.global.image.tag }} {{- end -}} +{{/* +Return valid version label +*/}} +{{- define "argo-cd.versionLabelValue" -}} +{{ regexReplaceAll "[^-A-Za-z0-9_.]" (include "argo-cd.defaultTag" .) "-" | trunc 63 | trimAll "-" | trimAll "_" | trimAll "." | quote }} +{{- end -}} + {{/* Common labels */}} @@ -46,7 +53,7 @@ helm.sh/chart: {{ include "argo-cd.chart" .context }} {{ include "argo-cd.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argocd -app.kubernetes.io/version: {{ include "argo-cd.defaultTag" .context }} +app.kubernetes.io/version: {{ include "argo-cd.versionLabelValue" .context }} {{- with .context.Values.global.additionalLabels }} {{ toYaml . }} {{- end }} diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index 2786d6ede..b5d62a6ab 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -162,9 +162,11 @@ Create the name of the notifications service account to use Argo Configuration Preset Values (Incluenced by Values configuration) */}} {{- define "argo-cd.config.cm.presets" -}} +{{- $presets := dict -}} {{- if .Values.configs.styles -}} -ui.cssurl: "./custom/custom.styles.css" +{{- $_ := set $presets "ui.cssurl" "./custom/custom.styles.css" -}} {{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* @@ -183,24 +185,25 @@ Merge Argo Configuration with Preset Configuration {{/* Argo Params Default Configuration Presets +NOTE: Configuration keys must be stored as dict because YAML treats dot as separator */}} {{- define "argo-cd.config.params.presets" -}} -repo.server: "{{ include "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}" -server.repo.server.strict.tls: {{ .Values.repoServer.certificateSecret.enabled | toString }} -{{- with include "argo-cd.redis.server" . }} -redis.server: {{ . | quote }} -{{- end }} -{{- if .Values.dex.enabled }} -server.dex.server: {{ include "argo-cd.dex.server" . | quote }} -server.dex.server.strict.tls: {{ .Values.dex.certificateSecret.enabled | toString }} -{{- end }} -{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" }} -{{ $component }}.log.format: {{ $.Values.global.logging.format | quote }} -{{ $component }}.log.level: {{ $.Values.global.logging.level | quote }} -{{- end }} -{{- if .Values.applicationSet.enabled }} -applicationsetcontroller.enable.leader.election: {{ gt (.Values.applicationSet.replicaCount | int64) 1 }} -{{- end }} +{{- $presets := dict -}} +{{- $_ := set $presets "repo.server" (printf "%s:%s" (include "argo-cd.repoServer.fullname" .) (.Values.repoServer.service.port | toString)) -}} +{{- $_ := set $presets "server.repo.server.strict.tls" (.Values.repoServer.certificateSecret.enabled | toString ) -}} +{{- $_ := set $presets "redis.server" (include "argo-cd.redis.server" .) -}} +{{- if .Values.dex.enabled -}} +{{- $_ := set $presets "server.dex.server" (include "argo-cd.dex.server" .) -}} +{{- $_ := set $presets "server.dex.server.strict.tls" .Values.dex.certificateSecret.enabled -}} +{{- end -}} +{{- range $component := tuple "applicationsetcontroller" "controller" "server" "reposerver" -}} +{{- $_ := set $presets (printf "%s.log.format" $component) $.Values.global.logging.format -}} +{{- $_ := set $presets (printf "%s.log.level" $component) $.Values.global.logging.level -}} +{{- end -}} +{{- if .Values.applicationSet.enabled -}} +{{- $_ := set $presets "applicationsetcontroller.enable.leader.election" (gt ((.Values.applicationSet.replicas | default .Values.applicationSet.replicaCount) | int64) 1) -}} +{{- end -}} +{{- toYaml $presets }} {{- end -}} {{/* diff --git a/charts/argo-cd/templates/_versions.tpl b/charts/argo-cd/templates/_versions.tpl index 8240c4b09..5d65fcd6d 100644 --- a/charts/argo-cd/templates/_versions.tpl +++ b/charts/argo-cd/templates/_versions.tpl @@ -6,38 +6,6 @@ Return the target Kubernetes version {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }} {{- end }} -{{/* -Return the appropriate apiVersion for autoscaling -*/}} -{{- define "argo-cd.apiVersion.autoscaling" -}} -{{- if .Values.apiVersionOverrides.autoscaling -}} -{{- print .Values.apiVersionOverrides.autoscaling -}} -{{- else if semverCompare "<1.23-0" (include "argo-cd.kubeVersion" .) -}} -{{- print "autoscaling/v2beta1" -}} -{{- else -}} -{{- print "autoscaling/v2" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for cert-manager -*/}} -{{- define "argo-cd.apiVersion.cert-manager" -}} -{{- if .Values.apiVersionOverrides.certmanager -}} -{{- print .Values.apiVersionOverrides.certmanager -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}} -{{- print "cert-manager.io/v1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}} -{{- print "cert-manager.io/v1beta1" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}} -{{- print "cert-manager.io/v1alpha3" -}} -{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}} -{{- print "cert-manager.io/v1alpha2" -}} -{{- else -}} -{{- print "certmanager.k8s.io/v1alpha1" -}} -{{- end -}} -{{- end -}} - {{/* Return the appropriate apiVersion for GKE resources */}} diff --git a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml index 10ba77678..3ce0c10da 100644 --- a/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index b671e245a..3583a2b72 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -23,6 +23,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.controller.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} @@ -236,6 +239,18 @@ spec: name: argocd-cmd-params-cm key: application.namespaces optional: true + - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.sharding.algorithm + optional: true + - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: controller.kubectl.parallelism.limit + optional: true {{- with .Values.controller.envFrom }} envFrom: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml index f3b7d5d15..76e63eb31 100644 --- a/charts/argo-cd/templates/argocd-applicationset/certificate.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.applicationSet.certificate.annotations) }} diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index c62227cfb..d30dc9248 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -17,7 +17,7 @@ spec: strategy: {{- trim . | nindent 4 }} {{- end }} - replicas: {{ .Values.applicationSet.replicaCount }} + replicas: {{ .Values.applicationSet.replicas | default .Values.applicationSet.replicaCount }} revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} selector: matchLabels: @@ -93,12 +93,6 @@ spec: key: applicationsetcontroller.enable.leader.election name: argocd-cmd-params-cm optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespace - name: argocd-cmd-params-cm - optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER valueFrom: configMapKeyRef: @@ -111,6 +105,12 @@ spec: key: applicationsetcontroller.policy name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.policy.override + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG valueFrom: configMapKeyRef: @@ -147,6 +147,54 @@ spec: key: applicationsetcontroller.enable.progressive.syncs name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.enable.new.git.file.globbing + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.plaintext + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.strict.tls + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.repo.server.timeout.seconds + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.concurrent.reconciliations.max + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.namespaces + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.scm.root.ca.path + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: applicationsetcontroller.allowed.scm.providers + optional: true {{- with .Values.applicationSet.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} @@ -199,6 +247,8 @@ spec: name: gpg-keys - mountPath: /app/config/gpg/keys name: gpg-keyring + - mountPath: /app/config/reposerver/tls + name: argocd-repo-server-tls - mountPath: /tmp name: tmp {{- with .Values.applicationSet.extraContainers }} @@ -248,6 +298,17 @@ spec: emptyDir: {} - name: tmp emptyDir: {} + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt {{- with .Values.applicationSet.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} diff --git a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml index bb814a254..b3554675a 100644 --- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- if .Values.applicationSet.enabled }} -{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml index cde4d555b..75027ed5a 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-notifications-secret.yaml @@ -6,6 +6,9 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} + {{- with .Values.notifications.secret.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- with .Values.notifications.secret.annotations }} annotations: {{- range $key, $value := . }} diff --git a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml index de3cc5a35..18849886b 100644 --- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.notifications.enabled .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index f438c8b57..3080c79fd 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -30,6 +30,9 @@ spec: {{- if .Values.repoServer.certificateSecret.enabled }} checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} {{- end }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} @@ -108,6 +111,18 @@ spec: name: argocd-cmd-params-cm key: reposerver.parallelism.limit optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.listen.address + optional: true + - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.metrics.listen.address + optional: true - name: ARGOCD_REPO_SERVER_DISABLE_TLS valueFrom: configMapKeyRef: @@ -216,12 +231,14 @@ spec: key: reposerver.enable.git.submodule name: argocd-cmd-params-cm optional: true + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: HELM_CACHE_HOME value: /helm-working-dir - name: HELM_CONFIG_HOME value: /helm-working-dir - name: HELM_DATA_HOME value: /helm-working-dir + {{- end }} {{- with .Values.repoServer.envFrom }} envFrom: {{- toYaml . | nindent 10 }} @@ -240,8 +257,10 @@ spec: name: gpg-keyring - mountPath: /app/config/reposerver/tls name: argocd-repo-server-tls + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - mountPath: /helm-working-dir name: helm-working-dir + {{- end }} - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp @@ -334,8 +353,10 @@ spec: {{- with .Values.repoServer.volumes }} {{- toYaml . | nindent 6 }} {{- end }} + {{- if .Values.repoServer.useEphemeralHelmWorkingDir }} - name: helm-working-dir emptyDir: {} + {{- end }} - name: plugins emptyDir: {} - name: var-files diff --git a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml index 2cba83248..ce6ed371d 100644 --- a/charts/argo-cd/templates/argocd-repo-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/hpa.yaml @@ -1,42 +1,38 @@ {{- if .Values.repoServer.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" (printf "%s-hpa" .Values.repoServer.name)) | nindent 4 }} - name: {{ template "argo-cd.repoServer.fullname" . }}-hpa + name: {{ include "argo-cd.repoServer.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.repoServer.fullname" . }} + name: {{ include "argo-cd.repoServer.fullname" . }} minReplicas: {{ .Values.repoServer.autoscaling.minReplicas }} maxReplicas: {{ .Values.repoServer.autoscaling.maxReplicas }} metrics: - {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.repoServer.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} + {{- else }} + {{- with .Values.repoServer.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.repoServer.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} {{- with .Values.repoServer.autoscaling.behavior }} behavior: diff --git a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml index aec96461c..c41520b72 100644 --- a/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.repoServer.metrics.enabled .Values.repoServer.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/argocd-server/certificate.yaml b/charts/argo-cd/templates/argocd-server/certificate.yaml index 716c38ea1..74066ef8f 100644 --- a/charts/argo-cd/templates/argocd-server/certificate.yaml +++ b/charts/argo-cd/templates/argocd-server/certificate.yaml @@ -1,5 +1,5 @@ {{- if .Values.server.certificate.enabled -}} -apiVersion: {{ include "argo-cd.apiVersion.cert-manager" . }} +apiVersion: cert-manager.io/v1 kind: Certificate metadata: {{- with (mergeOverwrite (deepCopy .Values.global.certificateAnnotations) .Values.server.certificate.annotations) }} diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 0f26d4707..3d2c44b55 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -45,4 +45,16 @@ rules: - list - update - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - create + - apiGroups: + - argoproj.io + resources: + - workflows + verbs: + - create {{- end }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index cc9289812..e3f322cb2 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -263,6 +263,18 @@ spec: name: argocd-cmd-params-cm key: server.http.cookie.maxnumber optional: true + - name: ARGOCD_SERVER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.listen.address + optional: true + - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: server.metrics.listen.address + optional: true - name: ARGOCD_SERVER_OTLP_ADDRESS valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/hpa.yaml b/charts/argo-cd/templates/argocd-server/hpa.yaml index cbc17c319..a509e5694 100644 --- a/charts/argo-cd/templates/argocd-server/hpa.yaml +++ b/charts/argo-cd/templates/argocd-server/hpa.yaml @@ -1,42 +1,38 @@ {{- if .Values.server.autoscaling.enabled }} -apiVersion: {{ include "argo-cd.apiVersion.autoscaling" . }} +apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - labels: - {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" (printf "%s-hpa" .Values.server.name)) | nindent 4 }} - name: {{ template "argo-cd.server.fullname" . }}-hpa + name: {{ include "argo-cd.server.fullname" . }} namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ template "argo-cd.server.fullname" . }} + name: {{ include "argo-cd.server.fullname" . }} minReplicas: {{ .Values.server.autoscaling.minReplicas }} maxReplicas: {{ .Values.server.autoscaling.maxReplicas }} metrics: - {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} + {{- with .Values.server.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} + {{- else }} + {{- with .Values.server.autoscaling.targetMemoryUtilizationPercentage }} - type: Resource resource: name: memory - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} - {{- end }} - {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.server.autoscaling.targetCPUUtilizationPercentage }} - type: Resource resource: name: cpu - {{- if eq (include "argo-cd.apiVersion.autoscaling" $) "autoscaling/v2beta1" }} - targetAverageUtilization: {{ . }} - {{- else }} target: - averageUtilization: {{ . }} type: Utilization - {{- end }} + averageUtilization: {{ . }} + {{- end }} {{- end }} {{- with .Values.server.autoscaling.behavior }} behavior: diff --git a/charts/argo-cd/templates/argocd-server/ingress.yaml b/charts/argo-cd/templates/argocd-server/ingress.yaml index 98ec1cb12..a142bb666 100644 --- a/charts/argo-cd/templates/argocd-server/ingress.yaml +++ b/charts/argo-cd/templates/argocd-server/ingress.yaml @@ -39,7 +39,7 @@ spec: {{- range $p := $paths }} {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }} - path: {{ $p }} - pathType: Prefix + pathType: {{ $.Values.server.ingressGrpc.pathType }} backend: service: name: {{ template "argo-cd.server.fullname" $ }}-grpc diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index 65d102e3b..f876a1a18 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.server.metrics.enabled .Values.server.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index cbb480e65..b4d13a15e 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -297,8 +297,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -586,8 +593,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -992,8 +1006,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1272,8 +1293,15 @@ spec: type: array values: description: Values specifies Helm values to be passed to - helm template, typically defined as a block + helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be passed + to helm template, defined as a map. This takes precedence + over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1438,7 +1466,7 @@ spec: as part of automated sync (default: false)' type: boolean selfHeal: - description: 'SelfHeal specifes whether to revert resources + description: 'SelfHeal specifies whether to revert resources back to their desired state upon modification in the cluster (default: false)' type: boolean @@ -1502,7 +1530,7 @@ spec: conditions items: description: ApplicationCondition contains details about an application - condition, which is usally an error or warning + condition, which is usually an error or warning properties: lastTransitionTime: description: LastTransitionTime is the time the condition was @@ -1521,6 +1549,10 @@ spec: - type type: object type: array + controllerNamespace: + description: ControllerNamespace indicates the namespace in which + the application controller is located + type: string health: description: Health contains information about the application's current health status @@ -1700,8 +1732,15 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. ValuesObject + takes precedence over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to be + passed to helm template, defined as a map. This takes + precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -1993,8 +2032,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2431,8 +2478,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over + Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a + map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2740,8 +2794,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined - as a block + as a block. ValuesObject takes precedence + over Values, so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as + a map. This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -2951,6 +3012,19 @@ spec: syncResult: description: SyncResult is the result of a Sync operation properties: + managedNamespaceMetadata: + description: ManagedNamespaceMetadata contains the current + sync state of managed namespace metadata + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object resources: description: Resources contains a list of sync result items for each individual resource in a sync operation @@ -3153,8 +3227,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3457,8 +3539,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -3728,6 +3817,42 @@ spec: and must be set to the Kubernetes control plane API type: string type: object + ignoreDifferences: + description: IgnoreDifferences is a reference to the application's + ignored differences used for comparison + items: + description: ResourceIgnoreDifferences contains resource + filter and list of json paths which should be ignored + during comparison with live state. + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + description: ManagedFieldsManagers is a list of trusted + managers. Fields mutated by those managers will take + precedence over the desired state defined in the SCM + and won't be displayed in diffs + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array source: description: Source is a reference to the application's source used for comparison @@ -3866,8 +3991,16 @@ spec: type: array values: description: Values specifies Helm values to be passed - to helm template, typically defined as a block + to helm template, typically defined as a block. + ValuesObject takes precedence over Values, so use + one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values to + be passed to helm template, defined as a map. This + takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") @@ -4170,8 +4303,15 @@ spec: values: description: Values specifies Helm values to be passed to helm template, typically defined as - a block + a block. ValuesObject takes precedence over Values, + so use one or the other. type: string + valuesObject: + description: ValuesObject specifies Helm values + to be passed to helm template, defined as a map. + This takes precedence over Values. + type: object + x-kubernetes-preserve-unknown-fields: true version: description: Version is the Helm version to use for templating ("3") diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index b05f50f8a..71d437632 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -40,6 +40,8 @@ spec: type: object spec: properties: + applyNestedSelectors: + type: boolean generators: items: properties: @@ -235,6 +237,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -418,6 +423,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -760,6 +768,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -943,6 +954,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1289,6 +1303,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1472,6 +1489,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1622,6 +1642,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -1794,6 +1818,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -1977,6 +2004,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2327,6 +2357,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2510,6 +2543,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -2852,6 +2888,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3035,6 +3074,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3381,6 +3423,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3564,6 +3609,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -3714,6 +3762,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - repoURL - revision @@ -3886,6 +3938,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4069,6 +4124,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4226,123 +4284,21 @@ spec: x-kubernetes-preserve-unknown-fields: true merge: x-kubernetes-preserve-unknown-fields: true - pullRequest: + plugin: properties: - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: + configMapRef: properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: + name: type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object required: - - owner - - repo + - name type: object - gitlab: + input: properties: - api: - type: string - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true type: object - required: - - project type: object requeueAfterSeconds: format: int64 @@ -4507,6 +4463,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4522,16 +4481,10 @@ spec: additionalProperties: type: string type: object - components: - items: - type: string - type: array forceCommonAnnotations: type: boolean forceCommonLabels: type: boolean - forceNamespace: - type: boolean images: items: type: string @@ -4690,6 +4643,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -4705,16 +4661,10 @@ spec: additionalProperties: type: string type: object - components: - items: - type: string - type: array forceCommonAnnotations: type: boolean forceCommonLabels: type: boolean - forceNamespace: - type: boolean images: items: type: string @@ -4840,12 +4790,30 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef type: object - scmProvider: + pullRequest: properties: - azureDevOps: + azuredevops: properties: - accessTokenRef: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: properties: key: type: string @@ -4855,46 +4823,58 @@ spec: - key - secretName type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string required: - - accessTokenRef - organization - - teamProject + - project + - repo type: object bitbucket: properties: - allBranches: - type: boolean - appPasswordRef: + api: + type: string + basicAuth: properties: - key: - type: string - secretName: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: type: string required: - - key - - secretName + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef type: object owner: type: string - user: + repo: type: string required: - - appPasswordRef - owner - - user + - repo type: object bitbucketServer: properties: - allBranches: - type: boolean api: type: string basicAuth: @@ -4917,41 +4897,32 @@ spec: type: object project: type: string + repo: + type: string required: - api - project + - repo type: object - cloneProtocol: - type: string filters: items: properties: branchMatch: type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: + targetBranchMatch: type: string type: object type: array gitea: properties: - allBranches: - type: boolean api: type: string insecure: type: boolean owner: type: string + repo: + type: string tokenRef: properties: key: @@ -4965,17 +4936,22 @@ spec: required: - api - owner + - repo type: object github: properties: - allBranches: - type: boolean api: type: string appSecretName: type: string - organization: - type: string + labels: + items: + type: string + type: array + owner: + type: string + repo: + type: string tokenRef: properties: key: @@ -4987,18 +4963,23 @@ spec: - secretName type: object required: - - organization + - owner + - repo type: object gitlab: properties: - allBranches: - type: boolean api: type: string - group: - type: string - includeSubgroups: + insecure: type: boolean + labels: + items: + type: string + type: array + project: + type: string + pullRequestState: + type: string tokenRef: properties: key: @@ -5010,7 +4991,7 @@ spec: - secretName type: object required: - - group + - project type: object requeueAfterSeconds: format: int64 @@ -5175,6 +5156,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5358,6 +5342,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -5509,561 +5496,199 @@ spec: - spec type: object type: object - selector: + scmProvider: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: + awsCodeCommit: properties: - group: + allBranches: + type: boolean + region: type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: + role: type: string - managedFieldsManagers: + tagFilters: items: - type: string + properties: + key: + type: string + value: + type: string + required: + - key + type: object type: array - name: + type: object + azureDevOps: + properties: + accessTokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + allBranches: + type: boolean + api: type: string - namespace: + organization: + type: string + teamProject: type: string required: - - kind + - accessTokenRef + - organization + - teamProject type: object - type: array - info: - items: + bitbucket: properties: - name: + allBranches: + type: boolean + appPasswordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + owner: type: string - value: + user: type: string required: - - name - - value + - appPasswordRef + - owner + - user type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: + bitbucketServer: + properties: + allBranches: + type: boolean + api: + type: string + basicAuth: + properties: + passwordRef: properties: - forceString: - type: boolean - name: + key: type: string - value: + secretName: type: string + required: + - key + - secretName type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: + username: type: string - type: array - values: + required: + - passwordRef + - username + type: object + project: + type: string + required: + - api + - project + type: object + cloneProtocol: + type: string + filters: + items: + properties: + branchMatch: type: string - version: + labelMatch: type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: + pathsDoNotExist: items: type: string type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - forceNamespace: - type: boolean - images: + pathsExist: items: type: string type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: + repositoryMatch: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: + type: array + gitea: properties: - chart: + allBranches: + type: boolean + api: type: string - directory: + insecure: + type: boolean + owner: + type: string + tokenRef: properties: - exclude: + key: type: string - include: + secretName: type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean + required: + - key + - secretName type: object - helm: + required: + - api + - owner + type: object + github: + properties: + allBranches: + type: boolean + api: + type: string + appSecretName: + type: string + organization: + type: string + tokenRef: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: + key: type: string - version: + secretName: type: string + required: + - key + - secretName type: object - kustomize: + required: + - organization + type: object + gitlab: + properties: + allBranches: + type: boolean + api: + type: string + group: + type: string + includeSubgroups: + type: boolean + insecure: + type: boolean + tokenRef: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - forceNamespace: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + key: type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: + secretName: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array + required: + - key + - secretName type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object + - group type: object - name: - type: string requeueAfterSeconds: format: int64 type: integer @@ -6227,6 +5852,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6410,6 +6038,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6564,117 +6195,1720 @@ spec: additionalProperties: type: string type: object - required: - - configMapRef type: object - clusters: + selector: properties: - selector: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: properties: - matchExpressions: + group: + type: string + jqPathExpressions: items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object + type: string type: array - matchLabels: - additionalProperties: + jsonPointers: + items: type: string - type: object - type: object - template: + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: properties: - metadata: - properties: - annotations: - additionalProperties: - type: string + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string type: object - name: + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: type: string - namespace: + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: type: string - type: object - spec: - properties: - destination: + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true name: type: string - namespace: + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: type: string - server: + value: type: string + required: + - name + - value type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - value: + type: array + map: + additionalProperties: type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: + type: object + name: type: string - directory: - properties: - exclude: + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + type: object + merge: + properties: + generators: + items: + properties: + clusterDecisionResource: + properties: + configMapRef: + type: string + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + requeueAfterSeconds: + format: int64 + type: integer + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + clusters: + properties: + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + type: array + syncPolicy: + properties: + automated: + properties: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + git: + properties: + directories: + items: + properties: + exclude: + type: boolean + path: + type: string + required: + - path + type: object + type: array + files: + items: + properties: + path: + type: string + required: + - path + type: object + type: array + pathParamPrefix: + type: string + repoURL: + type: string + requeueAfterSeconds: + format: int64 + type: integer + revision: + type: string + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: type: string include: type: string @@ -6752,6 +7986,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -6935,6 +8172,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7089,37 +8329,17 @@ spec: additionalProperties: type: string type: object + required: + - repoURL + - revision type: object - git: + list: properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: + elements: items: - properties: - path: - type: string - required: - - path - type: object + x-kubernetes-preserve-unknown-fields: true type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: + elementsYaml: type: string template: properties: @@ -7281,6 +8501,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7464,6 +8687,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7615,17 +8841,31 @@ spec: - spec type: object required: - - repoURL - - revision + - elements type: object - list: + matrix: + x-kubernetes-preserve-unknown-fields: true + merge: + x-kubernetes-preserve-unknown-fields: true + plugin: properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer template: properties: metadata: @@ -7786,6 +9026,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7801,16 +9044,10 @@ spec: additionalProperties: type: string type: object - components: - items: - type: string - type: array forceCommonAnnotations: type: boolean forceCommonLabels: type: boolean - forceNamespace: - type: boolean images: items: type: string @@ -7969,6 +9206,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -7984,16 +9224,10 @@ spec: additionalProperties: type: string type: object - components: - items: - type: string - type: array forceCommonAnnotations: type: boolean forceCommonLabels: type: boolean - forceNamespace: - type: boolean images: items: type: string @@ -8112,22 +9346,96 @@ spec: type: array type: object required: - - destination - - project + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + required: + - configMapRef + type: object + pullRequest: + properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef type: object + owner: + type: string + repo: + type: string required: - - metadata - - spec + - owner + - repo type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - pullRequest: - properties: bitbucketServer: properties: api: @@ -8164,6 +9472,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -8223,6 +9533,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -8407,6 +9719,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8590,6 +9905,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -8743,6 +10061,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -8899,6 +10237,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -8962,482 +10302,1014 @@ spec: type: array kind: type: string - managedFieldsManagers: - items: - type: string - type: array - name: + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string + path: + type: string + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array + version: + type: string + type: object + path: type: string - namespace: + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: + repoURL: type: string - value: + targetRevision: type: string required: - - name - - value + - repoURL type: object type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: + syncPolicy: properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: + automated: properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: + allowEmpty: type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: + prune: type: boolean - releaseName: - type: string - skipCrds: + selfHeal: type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - version: - type: string type: object - kustomize: + managedNamespaceMetadata: properties: - commonAnnotations: + annotations: additionalProperties: type: string type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: + labels: additionalProperties: type: string type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - forceNamespace: + type: object + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + values: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + mergeKeys: + items: + type: string + type: array + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + properties: + destination: + properties: + name: + type: string + namespace: + type: string + server: + type: string + type: object + ignoreDifferences: + items: + properties: + group: + type: string + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + kind: + type: string + managedFieldsManagers: + items: + type: string + type: array + name: + type: string + namespace: + type: string + required: + - kind + type: object + type: array + info: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + project: + type: string + revisionHistoryLimit: + format: int64 + type: integer + source: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array + required: + - name + - value + type: object + type: array + libs: + items: + type: string + type: array + tlas: + items: + properties: + code: + type: boolean name: type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array + value: + type: string + required: + - name + - value type: object - ref: + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: type: string - repoURL: + path: type: string - targetRevision: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: + type: string + value: + type: string + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object - sources: - items: - properties: - chart: + type: array + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: + type: array + map: + additionalProperties: + type: string + type: object + name: + type: string + string: + type: string + type: object + type: array + type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string + required: + - repoURL + type: object + sources: + items: + properties: + chart: + type: string + directory: + properties: + exclude: + type: string + include: + type: string + jsonnet: + properties: + extVars: + items: + properties: + code: type: boolean - valueFiles: - items: - type: string - type: array - values: + name: type: string - version: + value: type: string + required: + - name + - value type: object - kustomize: + type: array + libs: + items: + type: string + type: array + tlas: + items: properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - forceNamespace: + code: type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: + name: type: string - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: + value: type: string + required: + - name + - value type: object + type: array + type: object + recurse: + type: boolean + type: object + helm: + properties: + fileParameters: + items: + properties: + name: + type: string path: type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: + type: object + type: array + ignoreMissingValueFiles: + type: boolean + parameters: + items: + properties: + forceString: + type: boolean + name: type: string - repoURL: + value: type: string - targetRevision: + type: object + type: array + passCredentials: + type: boolean + releaseName: + type: string + skipCrds: + type: boolean + valueFiles: + items: + type: string + type: array + values: + type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true + version: + type: string + type: object + kustomize: + properties: + commonAnnotations: + additionalProperties: + type: string + type: object + commonAnnotationsEnvsubst: + type: boolean + commonLabels: + additionalProperties: + type: string + type: object + components: + items: + type: string + type: array + forceCommonAnnotations: + type: boolean + forceCommonLabels: + type: boolean + forceNamespace: + type: boolean + images: + items: + type: string + type: array + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: type: string required: - - repoURL + - count + - name type: object type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: + version: + type: string + type: object + path: + type: string + plugin: + properties: + env: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + name: + type: string + parameters: + items: + properties: + array: + items: + type: string + type: array + map: + additionalProperties: + type: string + type: object + name: type: string - type: array - type: object - required: - - destination - - project + string: + type: string + type: object + type: array type: object + ref: + type: string + repoURL: + type: string + targetRevision: + type: string required: - - metadata - - spec + - repoURL type: object - type: object - selector: - properties: - matchExpressions: - items: + type: array + syncPolicy: + properties: + automated: properties: - key: - type: string - operator: - type: string - values: - items: + allowEmpty: + type: boolean + prune: + type: boolean + selfHeal: + type: boolean + type: object + managedNamespaceMetadata: + properties: + annotations: + additionalProperties: type: string - type: array - required: - - key - - operator + type: object + labels: + additionalProperties: + type: string + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array + retry: + properties: + backoff: + properties: + duration: + type: string + factor: + format: int64 + type: integer + maxDuration: + type: string + type: object + limit: + format: int64 + type: integer + type: object + syncOptions: + items: + type: string + type: array + type: object + required: + - destination + - project + type: object + required: + - metadata + - spec + type: object + required: + - generators + - mergeKeys + type: object + plugin: + properties: + configMapRef: + properties: + name: + type: string + required: + - name + type: object + input: + properties: + parameters: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + requeueAfterSeconds: + format: int64 + type: integer template: properties: metadata: @@ -9598,6 +11470,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9613,16 +11488,10 @@ spec: additionalProperties: type: string type: object - components: - items: - type: string - type: array forceCommonAnnotations: type: boolean forceCommonLabels: type: boolean - forceNamespace: - type: boolean images: items: type: string @@ -9781,6 +11650,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -9796,16 +11668,10 @@ spec: additionalProperties: type: string type: object - components: - items: - type: string - type: array forceCommonAnnotations: type: boolean forceCommonLabels: type: boolean - forceNamespace: - type: boolean images: items: type: string @@ -9931,12 +11797,89 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object required: - - generators - - mergeKeys + - configMapRef type: object pullRequest: properties: + azuredevops: + properties: + api: + type: string + labels: + items: + type: string + type: array + organization: + type: string + project: + type: string + repo: + type: string + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - organization + - project + - repo + type: object + bitbucket: + properties: + api: + type: string + basicAuth: + properties: + passwordRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + username: + type: string + required: + - passwordRef + - username + type: object + bearerToken: + properties: + tokenRef: + properties: + key: + type: string + secretName: + type: string + required: + - key + - secretName + type: object + required: + - tokenRef + type: object + owner: + type: string + repo: + type: string + required: + - owner + - repo + type: object bitbucketServer: properties: api: @@ -9973,6 +11916,8 @@ spec: properties: branchMatch: type: string + targetBranchMatch: + type: string type: object type: array gitea: @@ -10032,6 +11977,8 @@ spec: properties: api: type: string + insecure: + type: boolean labels: items: type: string @@ -10216,6 +12163,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10399,6 +12349,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -10552,6 +12505,26 @@ spec: type: object scmProvider: properties: + awsCodeCommit: + properties: + allBranches: + type: boolean + region: + type: string + role: + type: string + tagFilters: + items: + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object azureDevOps: properties: accessTokenRef: @@ -10708,6 +12681,8 @@ spec: type: string includeSubgroups: type: boolean + insecure: + type: boolean tokenRef: properties: key: @@ -10884,6 +12859,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11067,6 +13045,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11217,6 +13198,10 @@ spec: - metadata - spec type: object + values: + additionalProperties: + type: string + type: object type: object selector: properties: @@ -11245,6 +13230,10 @@ spec: type: array goTemplate: type: boolean + goTemplateOptions: + items: + type: string + type: array preservedFields: properties: annotations: @@ -11285,6 +13274,13 @@ spec: type: object syncPolicy: properties: + applicationsSync: + enum: + - create-only + - create-update + - create-delete + - sync + type: string preserveResourcesOnDeletion: type: boolean type: object @@ -11448,6 +13444,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11631,6 +13630,9 @@ spec: type: array values: type: string + valuesObject: + type: object + x-kubernetes-preserve-unknown-fields: true version: type: string type: object @@ -11838,4 +13840,4 @@ spec: storage: true subresources: status: {} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index ce9741d2b..abca6e142 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -149,7 +149,7 @@ spec: - mountPath: /tmp name: dexconfig resources: - {{- toYaml .Values.dex.resources | nindent 10 }} + {{- toYaml (default .Values.dex.resources .Values.dex.initImage.resources) | nindent 10 }} {{- with .Values.dex.containerSecurityContext }} securityContext: {{- toYaml . | nindent 10 }} diff --git a/charts/argo-cd/templates/dex/servicemonitor.yaml b/charts/argo-cd/templates/dex/servicemonitor.yaml index 21d12be25..00f2a238d 100644 --- a/charts/argo-cd/templates/dex/servicemonitor.yaml +++ b/charts/argo-cd/templates/dex/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.dex.metrics.enabled .Values.dex.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/templates/redis/servicemonitor.yaml b/charts/argo-cd/templates/redis/servicemonitor.yaml index 46a7e32ca..6f036a804 100644 --- a/charts/argo-cd/templates/redis/servicemonitor.yaml +++ b/charts/argo-cd/templates/redis/servicemonitor.yaml @@ -1,5 +1,5 @@ {{- $redisHa := (index .Values "redis-ha") -}} -{{- if and .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.redis.enabled (not $redisHa.enabled) .Values.redis.metrics.enabled .Values.redis.metrics.serviceMonitor.enabled -}} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 31ca78c22..f54e6889f 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -12,12 +12,8 @@ kubeVersionOverride: "" # If you want to template helm charts but cannot access k8s API server # you can set api versions here apiVersionOverrides: - # -- String to override apiVersion of cert-manager resources rendered by this helm chart - certmanager: "" # cert-manager.io/v1 # -- String to override apiVersion of GKE resources rendered by this helm chart cloudgoogle: "" # cloud.google.com/v1 - # -- String to override apiVersion of autoscaling rendered by this helm chart - autoscaling: "" # autoscaling/v2 # -- Create aggregated roles that extend existing cluster roles to interact with argo-cd resources ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles @@ -253,7 +249,7 @@ configs: # -- Disable Argo CD RBAC for user authentication server.disable.auth: false # -- Enable GZIP compression - server.enable.gzip: false + server.enable.gzip: true # -- Set X-Frame-Options header in HTTP responses to value. To disable, set to "". server.x.frame.options: sameorigin @@ -476,7 +472,7 @@ configs: # -- Repositories list to be used by applications ## Creates a secret for each key/value specified below to create repositories - ## Note: the last example in the list would use a repository credential template, configured under "configs.repositoryCredentials". + ## Note: the last example in the list would use a repository credential template, configured under "configs.credentialTemplates". repositories: {} # istio-helm-repo: # url: https://storage.googleapis.com/istio-prerelease/daily-build/master-latest-daily/charts @@ -543,7 +539,7 @@ configs: ## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/custom-styles/ styles: "" # styles: | - # .nav-bar { + # .sidebar { # background: linear-gradient(to bottom, #999, #777, #333, #222, #111); # } @@ -951,6 +947,15 @@ dex: # -- Argo CD init image imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" + # -- Argo CD init image resources + # @default -- `{}` (defaults to dex.resources) + resources: {} + # requests: + # cpu: 5m + # memory: 96Mi + # limits: + # cpu: 10m + # memory: 144Mi # -- Environment variables to pass to the Dex server env: [] @@ -1173,7 +1178,7 @@ redis: # -- Repository to use for the redis-exporter repository: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 # -- Image pull policy for the redis-exporter # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1366,12 +1371,17 @@ redis: # -- Prometheus ServiceMonitor annotations annotations: {} -# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true) -# the custom redis deployment is omitted -# Check the redis-ha chart for more properties +## Redis-HA subchart replaces custom redis deployment when `redis-ha.enabled=true` +# Ref: https://github.com/DandyDeveloper/charts/blob/master/charts/redis-ha/values.yaml redis-ha: # -- Enables the Redis HA subchart and disables the custom Redis single node deployment enabled: false + ## Redis image + image: + # -- Redis repository + repository: redis + # -- Redis tag + tag: 7.0.11-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar @@ -1379,10 +1389,11 @@ redis-ha: # -- Repository to use for the redis-exporter image: public.ecr.aws/bitnami/redis-exporter # -- Tag to use for the redis-exporter - tag: 1.45.0 + tag: 1.53.0 persistentVolume: # -- Configures persistence on Redis nodes enabled: false + ## Redis specific configuration options redis: # -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated masterGroupName: argocd @@ -1392,16 +1403,35 @@ redis-ha: # -- Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled # @default -- `'""'` save: '""' + ## Enables a HA Proxy for better LoadBalancing / Sentinel Master support. Automatically proxies to Redis master. haproxy: # -- Enabled HAProxy LoadBalancing/Proxy enabled: true metrics: # -- HAProxy enable prometheus metric scraping enabled: true - image: - # -- Redis tag - tag: 7.0.11-alpine + # -- Whether the haproxy pods should be forced to run on separate nodes. + hardAntiAffinity: true + # -- Additional affinities to add to the haproxy pods. + additionalAffinities: {} + # -- Assign custom [affinity] rules to the haproxy pods. + affinity: {} + # -- [Tolerations] for use with node taints for haproxy pods. + tolerations: [] + + # -- Whether the Redis server pods should be forced to run on separate nodes. + hardAntiAffinity: true + + # -- Additional affinities to add to the Redis server pods. + additionalAffinities: {} + + # -- Assign custom [affinity] rules to the Redis pods. + affinity: {} + + # -- [Tolerations] for use with node taints for Redis pods. + tolerations: [] + # -- Assign custom [TopologySpreadConstraints] rules to the Redis pods. ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: # -- Enable Redis HA topology spread constraints @@ -1453,7 +1483,6 @@ server: # -- Average memory utilization percentage for the Argo CD server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 @@ -1467,6 +1496,9 @@ server: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Argo CD server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -2020,7 +2052,6 @@ repoServer: # -- Average memory utilization percentage for the repo server [HPA] targetMemoryUtilizationPercentage: 50 # -- Configures the scaling behavior of the target in both Up and Down directions. - # This is only available on HPA apiVersion `autoscaling/v2beta2` and newer behavior: {} # scaleDown: # stabilizationWindowSeconds: 300 @@ -2034,6 +2065,9 @@ repoServer: # - type: Pods # value: 2 # periodSeconds: 60 + # -- Configures custom HPA metrics for the Argo CD repo server + # Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ + metrics: [] ## Repo server Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -2143,6 +2177,9 @@ repoServer: # - name: cmp-tmp # emptyDir: {} + # -- Toggle the usage of a ephemeral Helm working directory + useEphemeralHelmWorkingDir: true + # -- Annotations to be added to repo server Deployment deploymentAnnotations: {} @@ -2358,7 +2395,7 @@ applicationSet: name: applicationset-controller # -- The number of ApplicationSet controller pods to run - replicaCount: 1 + replicas: 1 ## ApplicationSet controller Pod Disruption Budget ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ @@ -2780,6 +2817,9 @@ notifications: # -- key:value pairs of annotations to be added to the secret annotations: {} + # -- key:value pairs of labels to be added to the secret + labels: {} + # -- Generic key:value pairs to be inserted into the secret ## Can be used for templates, notification services etc. Some examples given below. ## For more information: https://argocd-notifications.readthedocs.io/en/stable/services/overview/ diff --git a/charts/argo-events/Chart.yaml b/charts/argo-events/Chart.yaml index bfb82ea11..b9f441fe8 100644 --- a/charts/argo-events/Chart.yaml +++ b/charts/argo-events/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.8.0 +appVersion: v1.8.1 description: A Helm chart for Argo Events, the event-driven workflow automation framework name: argo-events -version: 2.4.0 +version: 2.4.1 home: https://github.com/argoproj/argo-helm icon: https://avatars.githubusercontent.com/u/30269780?s=200&v=4 keywords: @@ -19,6 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo Events to v1.8.0 - - kind: added - description: Add managed namespace configuration + description: Upgrade Argo Events to v1.8.1 diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 671754697..457f76a09 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.5.0 +appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.31.0 +version: 2.32.0 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Support Traffic Router Plugins + - kind: changed + description: Upgrade Argo Rollouts to v1.6.0 diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md index 5add40c3e..b91989988 100644 --- a/charts/argo-rollouts/README.md +++ b/charts/argo-rollouts/README.md @@ -91,12 +91,14 @@ For full list of changes please check ArtifactHub [changelog]. | controller.livenessProbe | object | See [values.yaml] | Configure liveness [probe] for the controller | | controller.metricProviderPlugins | object | `{}` | Configures 3rd party metric providers for controller | | controller.metrics.enabled | bool | `false` | Deploy metrics service | +| controller.metrics.service.annotations | object | `{}` | Service annotations | | controller.metrics.service.port | int | `8090` | Metrics service port | | controller.metrics.service.portName | string | `"metrics"` | Metrics service port name | | controller.metrics.serviceMonitor.additionalAnnotations | object | `{}` | Annotations to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Labels to be added to the ServiceMonitor | | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | | controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | MetricRelabelConfigs to apply to samples before ingestion | +| controller.metrics.serviceMonitor.namespace | string | `""` | Namespace to be used for the ServiceMonitor | | controller.metrics.serviceMonitor.relabelings | list | `[]` | RelabelConfigs to apply to samples before scraping | | controller.nodeSelector | object | `{}` | [Node selector] | | controller.pdb.annotations | object | `{}` | Annotations to be added to controller [Pod Disruption Budget] | diff --git a/charts/argo-rollouts/ci/enable-extra-objects-values.yaml b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml new file mode 100644 index 000000000..8d18ecd30 --- /dev/null +++ b/charts/argo-rollouts/ci/enable-extra-objects-values.yaml @@ -0,0 +1,14 @@ +# Test with extraObjects enabled +# Do not deploy the CRDs as they are already present from the previous test +installCRDs: false + +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: datadog + type: Opaque + data: + address: aHR0cHM6Ly9hcGkuZGF0YWRvZ2hxLmNvbQo= # https://api.datadoghq.com + api-key: dGVzdC1hcGkta2V5Cg== # test-api-key + app-key: dGVzdC1hcHAta2V5Cg== # test-app-key diff --git a/charts/argo-rollouts/templates/controller/clusterrole.yaml b/charts/argo-rollouts/templates/controller/clusterrole.yaml index 964daed3d..ab0f7ee15 100644 --- a/charts/argo-rollouts/templates/controller/clusterrole.yaml +++ b/charts/argo-rollouts/templates/controller/clusterrole.yaml @@ -135,6 +135,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: diff --git a/charts/argo-rollouts/templates/controller/metrics-service.yaml b/charts/argo-rollouts/templates/controller/metrics-service.yaml index e04d326a8..671a08374 100644 --- a/charts/argo-rollouts/templates/controller/metrics-service.yaml +++ b/charts/argo-rollouts/templates/controller/metrics-service.yaml @@ -7,8 +7,11 @@ metadata: labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} - {{- with .Values.serviceAnnotations }} annotations: + {{- with .Values.serviceAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.controller.metrics.service.annotations }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/charts/argo-rollouts/templates/controller/role.yaml b/charts/argo-rollouts/templates/controller/role.yaml index e3b80672b..eb69db628 100644 --- a/charts/argo-rollouts/templates/controller/role.yaml +++ b/charts/argo-rollouts/templates/controller/role.yaml @@ -136,6 +136,7 @@ rules: - get - list - watch + - update - patch # job access needed for analysis template job metrics - apiGroups: diff --git a/charts/argo-rollouts/templates/controller/servicemonitor.yaml b/charts/argo-rollouts/templates/controller/servicemonitor.yaml index 62713764e..d7ab901e3 100644 --- a/charts/argo-rollouts/templates/controller/servicemonitor.yaml +++ b/charts/argo-rollouts/templates/controller/servicemonitor.yaml @@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "argo-rollouts.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ default .Release.Namespace .Values.controller.metrics.serviceMonitor.namespace | quote }} labels: app.kubernetes.io/component: {{ .Values.controller.component }} {{- include "argo-rollouts.labels" . | nindent 4 }} diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index bc2e61dbc..7324e908c 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -310,6 +310,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -372,6 +373,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -418,10 +420,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -453,6 +457,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -476,6 +481,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -519,6 +525,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -542,6 +549,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -583,6 +591,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -606,6 +615,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -649,6 +659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -672,6 +683,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -717,6 +729,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -726,6 +739,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -741,6 +755,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -752,6 +767,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -767,6 +783,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -776,6 +793,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1316,6 +1334,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1325,6 +1344,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1340,6 +1360,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1351,6 +1372,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1366,6 +1388,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1375,6 +1398,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1889,6 +1913,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1921,6 +1946,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1930,6 +1956,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1945,6 +1972,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1956,6 +1984,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1971,6 +2000,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1980,6 +2010,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2628,6 +2659,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2775,8 +2807,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 2c73c5c96..934790970 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 612608de4..669773748 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -306,6 +306,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic suspend: type: boolean template: @@ -368,6 +369,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -414,10 +416,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -449,6 +453,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -472,6 +477,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -515,6 +521,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -538,6 +545,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -579,6 +587,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -602,6 +611,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -645,6 +655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -668,6 +679,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -713,6 +725,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -722,6 +735,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -737,6 +751,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -748,6 +763,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -763,6 +779,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -772,6 +789,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1312,6 +1330,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1321,6 +1340,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1336,6 +1356,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1347,6 +1368,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1362,6 +1384,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1371,6 +1394,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1885,6 +1909,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1917,6 +1942,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1926,6 +1952,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1941,6 +1968,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1952,6 +1980,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1967,6 +1996,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1976,6 +2006,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2624,6 +2655,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -2771,8 +2803,37 @@ spec: properties: address: type: string + authentication: + properties: + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object + headers: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + insecure: + type: boolean query: type: string + timeout: + format: int64 + type: integer type: object skywalking: properties: diff --git a/charts/argo-rollouts/templates/crds/experiment-crd.yaml b/charts/argo-rollouts/templates/crds/experiment-crd.yaml index acf989351..2f60d415b 100644 --- a/charts/argo-rollouts/templates/crds/experiment-crd.yaml +++ b/charts/argo-rollouts/templates/crds/experiment-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -158,6 +158,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -223,6 +224,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -269,10 +271,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -304,6 +308,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -327,6 +332,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -370,6 +376,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -393,6 +400,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -434,6 +442,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -457,6 +466,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -500,6 +510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -523,6 +534,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -568,6 +580,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -577,6 +590,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -592,6 +606,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -603,6 +618,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -618,6 +634,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -627,6 +644,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1167,6 +1185,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1176,6 +1195,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1191,6 +1211,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1202,6 +1223,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1217,6 +1239,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1226,6 +1249,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1740,6 +1764,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -1772,6 +1797,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1781,6 +1807,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1796,6 +1823,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1807,6 +1835,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1822,6 +1851,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1831,6 +1861,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2479,6 +2510,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string diff --git a/charts/argo-rollouts/templates/crds/rollout-crd.yaml b/charts/argo-rollouts/templates/crds/rollout-crd.yaml index 0fafbab35..7faf37904 100644 --- a/charts/argo-rollouts/templates/crds/rollout-crd.yaml +++ b/charts/argo-rollouts/templates/crds/rollout-crd.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.12.1 {{- if .Values.keepCRDs }} "helm.sh/resource-policy": keep {{- end }} @@ -118,6 +118,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic strategy: properties: blueGreen: @@ -624,6 +625,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic service: properties: name: @@ -742,6 +744,10 @@ spec: type: string ingress: type: string + ingresses: + items: + type: string + type: array rootService: type: string servicePort: @@ -759,7 +765,6 @@ spec: - enabled type: object required: - - ingress - servicePort type: object ambassador: @@ -1003,6 +1008,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic weight: format: int32 type: integer @@ -1049,10 +1055,12 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic type: array required: - nodeSelectorTerms type: object + x-kubernetes-map-type: atomic type: object podAffinity: properties: @@ -1084,6 +1092,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1107,6 +1116,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1150,6 +1160,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1173,6 +1184,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1214,6 +1226,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1237,6 +1250,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1280,6 +1294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaceSelector: properties: matchExpressions: @@ -1303,6 +1318,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic namespaces: items: type: string @@ -1348,6 +1364,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1357,6 +1374,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1372,6 +1390,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1383,6 +1402,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1398,6 +1418,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -1407,6 +1428,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -1947,6 +1969,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -1956,6 +1979,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -1971,6 +1995,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -1982,6 +2007,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -1997,6 +2023,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2006,6 +2033,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -2520,6 +2548,7 @@ spec: name: type: string type: object + x-kubernetes-map-type: atomic type: array initContainers: items: @@ -2552,6 +2581,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic fieldRef: properties: apiVersion: @@ -2561,6 +2591,7 @@ spec: required: - fieldPath type: object + x-kubernetes-map-type: atomic resourceFieldRef: properties: containerName: @@ -2576,6 +2607,7 @@ spec: required: - resource type: object + x-kubernetes-map-type: atomic secretKeyRef: properties: key: @@ -2587,6 +2619,7 @@ spec: required: - key type: object + x-kubernetes-map-type: atomic type: object required: - name @@ -2602,6 +2635,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic prefix: type: string secretRef: @@ -2611,6 +2645,7 @@ spec: optional: type: boolean type: object + x-kubernetes-map-type: atomic type: object type: array image: @@ -3259,6 +3294,7 @@ spec: type: string type: object type: object + x-kubernetes-map-type: atomic matchLabelKeys: items: type: string @@ -3328,9 +3364,10 @@ spec: type: string required: - arn - - fullName - name type: object + ingress: + type: string loadBalancer: properties: arn: @@ -3341,7 +3378,6 @@ spec: type: string required: - arn - - fullName - name type: object stableTargetGroup: @@ -3354,10 +3390,52 @@ spec: type: string required: - arn - - fullName - name type: object type: object + albs: + items: + properties: + canaryTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + ingress: + type: string + loadBalancer: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + stableTargetGroup: + properties: + arn: + type: string + fullName: + type: string + name: + type: string + required: + - arn + - name + type: object + type: object + type: array availableReplicas: format: int32 type: integer diff --git a/charts/argo-rollouts/templates/extra-manifests.yaml b/charts/argo-rollouts/templates/extra-manifests.yaml index f17b1a93b..fc9a76b88 100644 --- a/charts/argo-rollouts/templates/extra-manifests.yaml +++ b/charts/argo-rollouts/templates/extra-manifests.yaml @@ -1,6 +1,6 @@ {{ range .Values.extraObjects }} --- -{{- if typeIs "string" . }} +{{ if typeIs "string" . }} {{- tpl . $ }} {{- else }} {{- tpl (toYaml .) $ }} diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml index b81ee53a9..b711ee37d 100644 --- a/charts/argo-rollouts/values.yaml +++ b/charts/argo-rollouts/values.yaml @@ -127,9 +127,13 @@ controller: portName: metrics # -- Metrics service port port: 8090 + # -- Service annotations + annotations: {} serviceMonitor: # -- Enable a prometheus ServiceMonitor enabled: false + # -- Namespace to be used for the ServiceMonitor + namespace: "" # -- Labels to be added to the ServiceMonitor additionalLabels: {} # -- Annotations to be added to the ServiceMonitor diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index ade0d8b5d..85de8f7e5 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.8 +appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.31.0 +version: 0.33.3 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add support for artifactRepositoryRef + - kind: fixed + description: Add HA docs and example diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index b445df25a..732baecdd 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. @@ -127,6 +132,7 @@ Fields to note: | workflow.serviceAccount.create | bool | `false` | Specifies whether a service account should be created | | workflow.serviceAccount.labels | object | `{}` | Labels applied to created service account | | workflow.serviceAccount.name | string | `"argo-workflow"` | Service account which is used to run workflows | +| workflow.serviceAccount.pullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` | ### Workflow Controller @@ -230,6 +236,7 @@ Fields to note: | Key | Type | Default | Description | |-----|------|---------|-------------| +| executor.args | list | `[]` | Passes arguments to the executor processes | | executor.env | list | `[]` | Adds environment variables for the executor. | | executor.image.pullPolicy | string | `""` | Image PullPolicy to use for the Workflow Executors. Defaults to `.Values.images.pullPolicy`. | | executor.image.registry | string | `"quay.io"` | Registry to use for the Workflow Executors | diff --git a/charts/argo-workflows/README.md.gotmpl b/charts/argo-workflows/README.md.gotmpl index 8316e9a0a..60aa62afa 100644 --- a/charts/argo-workflows/README.md.gotmpl +++ b/charts/argo-workflows/README.md.gotmpl @@ -75,6 +75,11 @@ For full list of changes, please check ArtifactHub [changelog]. ## Usage Notes +### High Availability + +This chart installs the non-HA version of Argo Workflows by default. If you want to run in HA mode, you can use [these example values](ci/ha-values.yaml) as a starting point. +Please see the upstream [Operator Manual's High Availability page](https://argoproj.github.io/argo-workflows/high-availability/) to understand how to scale Argo Workflows in depth. + ### Workflow controller This chart defaults to setting the `controller.instanceID.enabled` to `false` now, which means the deployed controller will act upon any workflow deployed to the cluster. If you would like to limit the behavior and deploy multiple workflow controllers, please use the `controller.instanceID.enabled` attribute along with one of its configuration options to set the `instanceID` of the workflow controller to be properly scoped for your needs. diff --git a/charts/argo-workflows/ci/ha-values.yaml b/charts/argo-workflows/ci/ha-values.yaml new file mode 100644 index 000000000..3dfbb572a --- /dev/null +++ b/charts/argo-workflows/ci/ha-values.yaml @@ -0,0 +1,23 @@ +# Sample values for High Availability configuration, following https://argoproj.github.io/argo-workflows/high-availability/ + +controller: + # in v3.0+, a second controller can be ran as a hot-standby: https://argoproj.github.io/argo-workflows/high-availability/#workflow-controller + replicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 + +server: + # enable HPA with at least two Pods + autoscaling: + # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server + enabled: true + # -- Minimum number of replicas for the Argo Server [HPA] + minReplicas: 2 # should be strictly greater than PDB minAvailable + # enable PDB with at least one Pod + pdb: + # -- Configure [Pod Disruption Budget] for the controller pods + enabled: true + minAvailable: 1 diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index 54a7be60d..a7c2cf2be 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -42,12 +42,15 @@ data: securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} - {{- if or .Values.executor.resources .Values.executor.env .Values.executor.securityContext}} + {{- if or .Values.executor.resources .Values.executor.env .Values.executor.args .Values.executor.securityContext}} executor: imagePullPolicy: {{ default (.Values.images.pullPolicy) .Values.executor.image.pullPolicy }} {{- with .Values.executor.resources }} resources: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.executor.args }} + args: {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.executor.env }} env: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-sa.yaml b/charts/argo-workflows/templates/controller/workflow-sa.yaml index 8928b32e8..273487c48 100644 --- a/charts/argo-workflows/templates/controller/workflow-sa.yaml +++ b/charts/argo-workflows/templates/controller/workflow-sa.yaml @@ -17,5 +17,9 @@ metadata: annotations: {{- toYaml . | nindent 4 }} {{- end }} + {{- with $.Values.workflow.serviceAccount.pullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 4afc1eb62..190fccece 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -49,7 +49,6 @@ rules: - sso verbs: - get - - update - apiGroups: - "" resources: @@ -73,8 +72,6 @@ rules: - secrets verbs: - get - - list - - watch {{- if and .Values.server.sso.enabled .Values.server.sso.rbac.enabled }} {{- with .Values.server.sso.rbac.secretWhitelist }} resourceNames: {{- toYaml . | nindent 4 }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cd992c100..d6d224646 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -54,6 +54,8 @@ workflow: annotations: {} # -- Service account which is used to run workflows name: "argo-workflow" + # -- Secrets with credentials to pull images from a private registry. Same format as `.Values.images.pullSecrets` + pullSecrets: [] rbac: # -- Adds Role and RoleBinding for the above specified service account to be able to run workflows. # A Role and Rolebinding pair is also created for each namespace in controller.workflowNamespaces (see below) @@ -382,6 +384,8 @@ executor: pullPolicy: "" # -- Resource limits and requests for the Workflow Executors resources: {} + # -- Passes arguments to the executor processes + args: [] # -- Adds environment variables for the executor. env: [] # -- sets security context for the executor container @@ -748,7 +752,7 @@ artifactRepository: azure: {} # endpoint: https://mystorageaccountname.blob.core.windows.net # container: my-container-name - # blob: path/in/container + # blobNameFormat: path/in/container ## accountKeySecret is a secret selector. ## It references the k8s secret named 'my-azure-storage-credentials'. ## This secret is expected to have have the key 'account-access-key', diff --git a/charts/argocd-apps/Chart.yaml b/charts/argocd-apps/Chart.yaml index fc733b22f..5494db993 100644 --- a/charts/argocd-apps/Chart.yaml +++ b/charts/argocd-apps/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: argocd-apps description: A Helm chart for managing additional Argo CD Applications and Projects type: application -version: 1.2.0 +version: 1.4.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -17,5 +17,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Rollout strategy for ApplicationSet + - kind: fixed + description: syncOptions for applications diff --git a/charts/argocd-apps/ci/applications-values.yaml b/charts/argocd-apps/ci/applications-values.yaml index 9d8b21bfb..28a627ff0 100644 --- a/charts/argocd-apps/ci/applications-values.yaml +++ b/charts/argocd-apps/ci/applications-values.yaml @@ -20,6 +20,8 @@ applications: automated: prune: false selfHeal: false + syncOptions: + - ApplyOutOfSyncOnly=true revisionHistoryLimit: null ignoreDifferences: - group: apps diff --git a/charts/argocd-apps/templates/projects.yaml b/charts/argocd-apps/templates/projects.yaml index f747d1b61..f4c273e8a 100644 --- a/charts/argocd-apps/templates/projects.yaml +++ b/charts/argocd-apps/templates/projects.yaml @@ -22,6 +22,9 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + {{- with .permitOnlyProjectScopedClusters }} + permitOnlyProjectScopedClusters: {{ . }} + {{- end }} description: {{ .description }} {{- with .sourceRepos }} sourceRepos: diff --git a/charts/argocd-apps/values.yaml b/charts/argocd-apps/values.yaml index 500849df7..a79963692 100644 --- a/charts/argocd-apps/values.yaml +++ b/charts/argocd-apps/values.yaml @@ -30,6 +30,8 @@ applications: [] # automated: # prune: false # selfHeal: false +# syncOptions: +# - CreateNamespace=true # revisionHistoryLimit: null # ignoreDifferences: # - group: apps @@ -48,6 +50,7 @@ projects: [] # namespace: argocd # additionalLabels: {} # additionalAnnotations: {} +# permitOnlyProjectScopedClusters: false # finalizers: # - resources-finalizer.argocd.argoproj.io # description: Example Project From bf1e4f2dde154a91e97c325748ca7e3681988cc9 Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Wed, 13 Sep 2023 09:48:41 -0400 Subject: [PATCH 308/356] fix(github): Fix changelog spelling of versions (#2263) Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Co-authored-by: Aikawa --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1f7745b5f..d67ddefc5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -64,7 +64,7 @@ Each release for each chart must be immutable. Any change to a chart (even just ### Chart Versioning -Currently we require a chart version bump for every change to a chart, including updating information for older verions. This may change in the future. +Currently we require a chart version bump for every change to a chart, including updating information for older versions. This may change in the future. ### Artifact Hub Annotations From 44ddf5986426379f120f111a91a69db95c2c4498 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 14 Sep 2023 13:33:34 +0900 Subject: [PATCH 309/356] chore(argo-cd): Upgrade Argo CD to v2.8.4 (#2268) --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/templates/argocd-server/clusterrole.yaml | 2 ++ 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 82e892e26..b56bf88fe 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.3 +appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.2 +version: 5.46.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Improve readme migration notes + description: Upgrade Argo CD to v2.8.4 diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 3d2c44b55..838016fa0 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -48,6 +48,7 @@ rules: - apiGroups: - batch resources: + {{/* supports triggering jobs from UI */}} - jobs verbs: - create @@ -56,5 +57,6 @@ rules: resources: - workflows verbs: + {{/* supports triggering workflows from UI */}} - create {{- end }} From 736b82433918304b086aaa4401f84f366eecd8b9 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Fri, 15 Sep 2023 19:47:59 +0900 Subject: [PATCH 310/356] fix(argo-cd): Align redis-ha's affinity type to upstream due to warnings (#2270) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b56bf88fe..49d2233c9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.3 +version: 5.46.4 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.4 + - kind: fixed + description: Align redis-ha's affinity type to upstream due to warnings diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index abb6be29e..bb51d130b 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1000,13 +1000,13 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | -| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | -| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 22dcfcc63..fb078ac65 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1415,7 +1415,7 @@ redis-ha: # -- Additional affinities to add to the haproxy pods. additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] @@ -1426,7 +1426,7 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the Redis pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for Redis pods. tolerations: [] From 8d00bec86ebb64f2bbd428e3aaaf535e708ed5e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 16 Sep 2023 07:15:00 -0500 Subject: [PATCH 311/356] chore(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#2271) --- .github/workflows/publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0c8f7cbf0..07319d36c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -65,7 +65,7 @@ jobs: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - name: Login to GHCR - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ghcr.io username: ${{ github.actor }} From 5626d0536f6f3e43273d2efa3b98641e29dcb4aa Mon Sep 17 00:00:00 2001 From: Mats Willemsen <60099717+ma-ts@users.noreply.github.com> Date: Mon, 18 Sep 2023 15:21:36 +0200 Subject: [PATCH 312/356] fix(argo-cd): make ServiceMonitor annotations in ArgoCD server conditional (#2273) * fix: add argocd servicemonitor annotations conditionally Signed-off-by: Mats Willemsen * chore(argo-cd): add changelog Signed-off-by: Mats Willemsen --------- Signed-off-by: Mats Willemsen --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-server/servicemonitor.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 49d2233c9..9b423e8f0 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.4 +version: 5.46.5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Align redis-ha's affinity type to upstream due to warnings + description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined diff --git a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml index f876a1a18..d036a8e17 100644 --- a/charts/argo-cd/templates/argocd-server/servicemonitor.yaml +++ b/charts/argo-cd/templates/argocd-server/servicemonitor.yaml @@ -12,10 +12,10 @@ metadata: {{- with .Values.server.metrics.serviceMonitor.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} + {{- with .Values.server.metrics.serviceMonitor.annotations }} annotations: - {{- range $key, $value := .Values.server.metrics.serviceMonitor.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - port: {{ .Values.server.metrics.service.portName }} From 7a17fc2dc9688ce4db918079c13c83d8bd84c3d4 Mon Sep 17 00:00:00 2001 From: sibucan Date: Tue, 19 Sep 2023 05:01:42 -0400 Subject: [PATCH 313/356] fix(argo-cd): Add checksum for CMP ConfigMap in repo-server Pod annotations (#2275) Add checksum for CMP ConfigMap in repo-server This helm chart defines the plugins as ConfigMaps -- according to the docs, when the CM is modified, the repo-server Pod must be restarted to have the sidecars pick up the latest changes: https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#debugging-a-cmp The changes in this helm chart allow for a checksum to be calculated from the ConfigMap and added as a Pod annotation so whenever the CM values are modified, the Pod is restarted automatically. Signed-off-by: sibucan --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/templates/argocd-repo-server/deployment.yaml | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9b423e8f0..20d4f52a4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.5 +version: 5.46.6 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: fixed issue with argocd-server servicemonitor annotation attribute being added even when no annotations where defined + description: fixed repo-server deployment not restarting when a cmp configmap is modified diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 3080c79fd..ea54e79d3 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -33,6 +33,9 @@ spec: {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} {{- end }} + {{- if .Values.configs.cmp.create }} + checksum/cmp-cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmp-cm.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} From 2a5bbf5cefdf8546bbf612ecf59c898996492142 Mon Sep 17 00:00:00 2001 From: Pieter <110168856+Pionerd@users.noreply.github.com> Date: Fri, 22 Sep 2023 17:39:58 +0200 Subject: [PATCH 314/356] fix(argo-cd): Redis to 7.0.13 to fix CVE-2022-48174 (#2279) * Redis to 7.0.13 Signed-off-by: Pieter van der Giessen * changelog Signed-off-by: Pieter van der Giessen --------- Signed-off-by: Pieter van der Giessen --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 20d4f52a4..1bfed795c 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.6 +version: 5.46.7 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: fixed repo-server deployment not restarting when a cmp configmap is modified + - kind: security + description: updated redis dependency to 7.0.13-alpine to fix CVE-2022-48174 diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index bb51d130b..166619712 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -947,7 +947,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -1013,7 +1013,7 @@ The main options are listed here: | redis-ha.haproxy.tolerations | list | `[]` | [Tolerations] for use with node taints for haproxy pods. | | redis-ha.hardAntiAffinity | bool | `true` | Whether the Redis server pods should be forced to run on separate nodes. | | redis-ha.image.repository | string | `"redis"` | Redis repository | -| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fb078ac65..fed4e97c4 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1162,7 +1162,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.11-alpine + tag: 7.0.13-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1381,7 +1381,7 @@ redis-ha: # -- Redis repository repository: redis # -- Redis tag - tag: 7.0.11-alpine + tag: 7.0.13-alpine ## Prometheus redis-exporter sidecar exporter: # -- Enable Prometheus redis-exporter sidecar From 03c1be1c6d92eae55a77b4d691dcdb470f8c68c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 23 Sep 2023 20:45:16 +0900 Subject: [PATCH 315/356] chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#2280) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 52e4746b9..719651eda 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 07319d36c..99f0698d0 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8a924219d..a02eda747 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0 + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 with: persist-credentials: false From c12047fedaedbbc872602ee884abd422afc8da79 Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Tue, 26 Sep 2023 13:16:19 +0300 Subject: [PATCH 316/356] update argo-cd to v2.8.1-cap-CR-player-and-vuln-fix (#22) --- charts/argo-cd/Chart.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index b7b943018..9bb1c64af 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1-cap-CR-20116-rollout-sync-sha +appVersion: v2.8.1-cap-CR-player-and-vuln-fix kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.2-1-cap-CR-20116 +version: 5.46.2-2-cap-CR-player-and-vuln-fix home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,6 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update to upstream 5.46.2 - - kind: changed - description: Update ArgoCD version to v2.8.1-cap-CR-20116-rollout-sync-sha + description: Update ArgoCD version to v2.8.1-cap-CR-player-and-vuln-fix From 82081bce8ca4491a2a03e08dc04eec4f72c635cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 30 Sep 2023 22:53:47 -0500 Subject: [PATCH 317/356] chore(deps): bump amannn/action-semantic-pull-request from 5.2.0 to 5.3.0 (#2284) --- .github/workflows/pr-title.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 2d45de124..be77f1aef 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5.2.0 + - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 3776b30e2a2bf1be80bbd28cdc01e561742dc590 Mon Sep 17 00:00:00 2001 From: pashakostohrys Date: Wed, 4 Oct 2023 13:29:50 +0300 Subject: [PATCH 318/356] feat: update argocd to v2.8.1-cap-CR-not-setup-kustomize-ns version --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/values.yaml | 3 +++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 9bb1c64af..f3a562ba4 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1-cap-CR-player-and-vuln-fix +appVersion: v2.8.1-cap-CR-not-setup-kustomize-ns kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.2-2-cap-CR-player-and-vuln-fix +version: 5.46.2-3-cap-CR-not-setup-kustomize-ns home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update ArgoCD version to v2.8.1-cap-CR-player-and-vuln-fix + description: Update ArgoCD version to v2.8.1-cap-CR-not-setup-kustomize-ns diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index f54e6889f..50a4ee6e4 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -172,6 +172,9 @@ configs: ## Ref: https://argo-cd.readthedocs.io/en/latest/operator-manual/rbac/#exec-resource exec.enabled: false + # -- Enable set namespace during kustomize build + kustomize.setNamespace.enabled: false + # -- Enable local admin user ## Ref: https://argo-cd.readthedocs.io/en/latest/faq/#how-to-disable-admin-user admin.enabled: true From 74766d4b400c090ac22e0beb60d3a75da2a0c2d9 Mon Sep 17 00:00:00 2001 From: pashakostohrys Date: Wed, 4 Oct 2023 13:34:58 +0300 Subject: [PATCH 319/356] add kustomize.setNamespace.enabled param in readme --- charts/argo-cd/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 982ee13da..3e3e4c385 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -436,6 +436,7 @@ NAME: my-release | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | +| configs.cm."kustomize.setNamespace.enabled" | bool | `true` | Enable set namespace during kustomize build | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | From 61b50b1adc7068b3b89c87afd7b85b2e8dfa909f Mon Sep 17 00:00:00 2001 From: pashakostohrys Date: Wed, 4 Oct 2023 13:37:02 +0300 Subject: [PATCH 320/356] add kustomize.setNamespace.enabled param in readme --- charts/argo-cd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 3e3e4c385..7c35ff9d8 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -436,7 +436,7 @@ NAME: my-release | configs.cm."admin.enabled" | bool | `true` | Enable local admin user | | configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning | | configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI | -| configs.cm."kustomize.setNamespace.enabled" | bool | `true` | Enable set namespace during kustomize build | +| configs.cm."kustomize.setNamespace.enabled" | bool | `false` | Enable set namespace during kustomize build | | configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement | | configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache | | configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository | From e9f6b1a8b48c499b8124df1b7d1db33dad979974 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Oct 2023 07:19:01 -0500 Subject: [PATCH 321/356] chore(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 (#2290) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a02eda747..b1dc3b042 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 with: results_file: results.sarif results_format: sarif From 37069f92c953a7e1da2e281d4fdab9b368b737da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Oct 2023 07:37:13 -0500 Subject: [PATCH 322/356] chore(deps): bump actions/setup-python from 4.7.0 to 4.7.1 (#2289) --- .github/workflows/lint-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 719651eda..9ac90a30d 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -32,7 +32,7 @@ jobs: version: v3.10.1 # Also update in publish.yaml - name: Set up python - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0 + uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.9 From 052454f23392d957e8374aaffc5005baba211bd5 Mon Sep 17 00:00:00 2001 From: "Marco Maurer (-Kilchhofer)" Date: Thu, 12 Oct 2023 11:50:51 +0200 Subject: [PATCH 323/356] fix(argo-cd): Sync redis / redis-ha readOnlyRootFilesystem from upstream (#2294) Signed-off-by: Marco Maurer --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 2 ++ charts/argo-cd/values.yaml | 10 ++++++++++ 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1bfed795c..5f4379441 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.7 +version: 5.46.8 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: security - description: updated redis dependency to 7.0.13-alpine to fix CVE-2022-48174 + - kind: fixed + description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 166619712..b2101038f 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1001,12 +1001,14 @@ The main options are listed here: |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | | redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.containerSecurityContext | object | See [values.yaml] | Redis HA statefulset container-level security context | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | | redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.containerSecurityContext | object | See [values.yaml] | HAProxy container-level security context | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index fed4e97c4..b029dfaab 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1279,6 +1279,7 @@ redis: # -- Redis container-level security context # @default -- See [values.yaml] containerSecurityContext: + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: @@ -1416,8 +1417,13 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. affinity: | + # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] + # -- HAProxy container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + readOnlyRootFilesystem: true # -- Whether the Redis server pods should be forced to run on separate nodes. hardAntiAffinity: true @@ -1445,6 +1451,10 @@ redis-ha: # -- Enforcement policy, hard or soft # @default -- `""` (defaults to `ScheduleAnyway`) whenUnsatisfiable: "" + # -- Redis HA statefulset container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + readOnlyRootFilesystem: true # External Redis parameters externalRedis: From 2730dc24c7ad69b98d3206705a5ebf5cb34dd96b Mon Sep 17 00:00:00 2001 From: Aikawa Date: Thu, 12 Oct 2023 23:14:41 +0900 Subject: [PATCH 324/356] feat(argo-workflows): Configure declarative server auth mode (#2291) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 5 +++-- .../templates/server/server-deployment.yaml | 3 +++ charts/argo-workflows/values.yaml | 16 +++++++--------- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 85de8f7e5..3b1a60bd8 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.4.11 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.33.3 +version: 0.34.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Add HA docs and example + - kind: changed + description: Configure declarative server auth mode. diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 732baecdd..d5485a589 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -256,6 +256,7 @@ Fields to note: | server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | +| server.authMode | string | `""` | Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | @@ -267,7 +268,7 @@ Fields to note: | server.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the server to access ClusterWorkflowTemplates. | | server.deploymentAnnotations | object | `{}` | optional map of annotations to be applied to the ui Deployment | | server.enabled | bool | `true` | Deploy the Argo Server | -| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary, such as for disabling authentication. | +| server.extraArgs | list | `[]` | Extra arguments to provide to the Argo server binary. | | server.extraContainers | list | `[]` | Extra containers to be added to the server deployment | | server.extraEnv | list | `[]` | Extra environment variables to provide to the argo-server container | | server.extraInitContainers | list | `[]` | Enables init containers to be added to the server deployment | @@ -315,7 +316,7 @@ Fields to note: | server.sso.clientSecret.key | string | `"client-secret"` | Key of a secret to retrieve the app OIDC client secret | | server.sso.clientSecret.name | string | `"argo-server-sso"` | Name of a secret to retrieve the app OIDC client secret | | server.sso.customGroupClaimName | string | `""` | Override claim name for OIDC groups | -| server.sso.enabled | bool | `false` | Create SSO configuration | +| server.sso.enabled | bool | `false` | Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. | | server.sso.insecureSkipVerify | bool | `false` | Skip TLS verification for the HTTP client | | server.sso.issuer | string | `"https://accounts.google.com"` | The root URL of the OIDC identity provider | | server.sso.issuerAlias | string | `""` | Alternate root URLs that can be included for some OIDC providers | diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index b2e509677..cea885da7 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} + {{- if .Values.server.authMode }} + - "--auth-mode={{ .Values.server.authMode }}" + {{- end }} - "--secure={{ .Values.server.secure }}" {{- if .Values.singleNamespace }} - "--namespaced" diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index d6d224646..1d1e60b85 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -522,14 +522,13 @@ server: # - name: FOO # value: "bar" - # -- Extra arguments to provide to the Argo server binary, such as for disabling authentication. + # -- Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + authMode: "" + + # -- Extra arguments to provide to the Argo server binary. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options extraArgs: [] - # If you want to disable authentication for purposes such as: - # - local dev-mode without authentication - # - gateway authentication through some other service such as KeyCloak - # uncomment the lines below and comment out the default empty list `extraArgs: []` above: - # extraArgs: - # - --auth-mode=server logging: # -- Set the logging level (one of: `debug`, `info`, `warn`, `error`) @@ -631,8 +630,7 @@ server: # SSO configuration when SSO is specified as a server auth mode. sso: - # -- Create SSO configuration - ## SSO is activated by adding --auth-mode=sso to the server command line. + # -- Create SSO configuration. If you set `true` , please also set `.Values.server.authMode` as `sso`. enabled: false # -- The root URL of the OIDC identity provider issuer: https://accounts.google.com From df9ee892b50b930e9ddd541b15298d7a59c80a4e Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Fri, 13 Oct 2023 16:59:02 -0500 Subject: [PATCH 325/356] chore(argo-workflows): Upgrade argo-workflows to 3.5.0 (#2228) Diff based on the rc1 branch currently here [3.4.10...3.5.0](https://github.com/argoproj/argo-workflows/compare/v3.4.10...v3.5.0) Signed-off-by: jmeridth --- charts/argo-workflows/Chart.yaml | 6 +++--- .../crds/argoproj.io_workflowtaskresults.yaml | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 3b1a60bd8..79c898f5a 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.4.11 +appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.34.0 +version: 0.35.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Configure declarative server auth mode. + description: Upgrade to Argo Workflows v3.4.10 diff --git a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml index e9bb93f69..861f1df8f 100644 --- a/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml +++ b/charts/argo-workflows/templates/crds/argoproj.io_workflowtaskresults.yaml @@ -441,6 +441,8 @@ spec: type: object securityToken: type: string + useSDKCreds: + type: boolean required: - key type: object @@ -470,6 +472,17 @@ spec: type: object bucket: type: string + caSecret: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object createBucketIfNotPresent: properties: objectLocking: From 8c72bed7796333c6f50277b58987721f5f6d818b Mon Sep 17 00:00:00 2001 From: Koen van Zuijlen <8818390+kvanzuijlen@users.noreply.github.com> Date: Tue, 17 Oct 2023 17:40:33 +0200 Subject: [PATCH 326/356] feat(argo-workflows): Added commonLabels (#2300) --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 1 + charts/argo-workflows/templates/_helpers.tpl | 3 +++ charts/argo-workflows/values.yaml | 3 +++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 79c898f5a..babc96c56 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.35.0 +version: 0.36.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade to Argo Workflows v3.4.10 + - kind: added + description: added support for commonLabels diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index d5485a589..31582fc4d 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -108,6 +108,7 @@ Fields to note: |-----|------|---------|-------------| | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart | | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart | +| commonLabels | object | `{}` | Labels to set on all resources | | crds.annotations | object | `{}` | Annotations to be added to all CRDs | | crds.install | bool | `true` | Install and upgrade CRDs | | crds.keep | bool | `true` | Keep CRDs on chart uninstall | diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index f81e6fc45..0713264fb 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -79,6 +79,9 @@ helm.sh/chart: {{ include "argo-workflows.chart" .context }} {{ include "argo-workflows.selectorLabels" (dict "context" .context "component" .component "name" .name) }} app.kubernetes.io/managed-by: {{ .context.Release.Service }} app.kubernetes.io/part-of: argo-workflows +{{- with .context.Values.commonLabels }} +{{ toYaml .}} +{{- end }} {{- end }} {{/* diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 1d1e60b85..8d98b37ea 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -26,6 +26,9 @@ nameOverride: # -- String to fully override "argo-workflows.fullname" template fullnameOverride: +# -- Labels to set on all resources +commonLabels: {} + # -- Override the Kubernetes version, which is used to evaluate certain manifests kubeVersionOverride: "" From 575ee244b23fa96b9dc3f118fb97f5a6c5f76863 Mon Sep 17 00:00:00 2001 From: Jonathan Raymond Date: Tue, 17 Oct 2023 17:53:16 -0600 Subject: [PATCH 327/356] fix(argo-workflows): add all crds to aggregate-roles template (#2301) fix: add all crds to aggregate-roles Signed-off-by: Jonathan Raymond --- charts/argo-workflows/Chart.yaml | 6 +++--- .../controller/workflow-aggregate-roles.yaml | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index babc96c56..c90d54460 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.0 +version: 0.36.1 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: added support for commonLabels + - kind: fixed + description: added all crds to aggregate-roles diff --git a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml index 977bb86be..ca2ae93e3 100644 --- a/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml +++ b/charts/argo-workflows/templates/controller/workflow-aggregate-roles.yaml @@ -20,6 +20,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - get - list @@ -46,6 +52,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - create - delete @@ -79,6 +91,12 @@ rules: - cronworkflows/finalizers - clusterworkflowtemplates - clusterworkflowtemplates/finalizers + - workflowtasksets + - workflowtasksets/finalizers + - workflowtaskresults + - workflowtaskresults/finalizers + - workflowartifactgctasks + - workflowartifactgctasks/finalizers verbs: - create - delete From 579b91fde33ef8e469817a3507853d8fb8058632 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 21 Oct 2023 07:48:41 -0500 Subject: [PATCH 328/356] chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#2304) --- .github/workflows/lint-and-test.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index 9ac90a30d..bd97afe96 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -13,7 +13,7 @@ jobs: options: --user 1001 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run ah lint working-directory: ./charts run: ah lint @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 99f0698d0..9d3a170fb 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b1dc3b042..64dd515ae 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false From 14e2e32bedf186c088da0804c262298ca771bc2f Mon Sep 17 00:00:00 2001 From: Aikawa Date: Tue, 24 Oct 2023 19:06:28 +0900 Subject: [PATCH 329/356] chore(argo-workflows): Add sample of PostgreSQL ssl entries in values.yaml (#2307) Signed-off-by: yu-croco --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/values.yaml | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index c90d54460..4b42b7a5c 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.1 +version: 0.36.2 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: added all crds to aggregate-roles + - kind: added + description: Add sample of PostgreSQL ssl entries in values.yaml diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 8d98b37ea..84cd8aef1 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -161,6 +161,10 @@ controller: # passwordSecret: # name: argo-postgres-config # key: password + # ssl: true + # # sslMode must be one of: disable, require, verify-ca, verify-full + # # you can find more information about those ssl options here: https://godoc.org/github.com/lib/pq + # sslMode: require # -- Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. # Only valid for 2.7+ From a67424d0c43cf0231d77fb1e086fba0a686094f7 Mon Sep 17 00:00:00 2001 From: Ujin <592652+evgeniy-khatko@users.noreply.github.com> Date: Tue, 24 Oct 2023 08:34:49 -0400 Subject: [PATCH 330/356] feat(argo-workflows): Updated supported workers parameters (#2297) * feat(argo-workflows): Updated supported workers parameters Change ------ Based on argo-workflows [scaling documents](https://argoproj.github.io/argo-workflows/scaling/) it's possible to set following workers values: `--workflow-workers`, `--workflow-ttl-workers`, `--pod-cleanup-workers` and statring 3.5 `--cron-workflow-workers`. This change allows chart consumers to take advatage of _all_ these parameters. Testing ------- ``` helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep workers helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" - "--pod-cleanup-workers" - "30" helm upgrade argowf charts/argo-workflows -n argo --values charts/argo-workflows/values.yaml --create-namespace --debug | grep -A70 "Source: argo-workflows/templates/controller/workflow-controller-deployment.yaml" | grep -A1 workers - "--workflow-workers" - "10" - "--workflow-ttl-workers" - "20" - "--pod-cleanup-workers" - "30" - "--cron-workflow-workers" - "40" ``` Signed-off-by: Evgeny Khatko Signed-off-by: Evgeny Khatko * Addressing PR feedback. Signed-off-by: Evgeny Khatko * newline Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> * Update Chart.yaml Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> * Update Chart.yaml Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> --------- Signed-off-by: Evgeny Khatko Signed-off-by: Evgeny Khatko Signed-off-by: Tim Collins <45351296+tico24@users.noreply.github.com> Co-authored-by: Evgeny Khatko Co-authored-by: Tim Collins <45351296+tico24@users.noreply.github.com> --- charts/argo-workflows/Chart.yaml | 6 +++--- charts/argo-workflows/README.md | 3 +++ .../controller/workflow-controller-deployment.yaml | 12 ++++++++++++ charts/argo-workflows/values.yaml | 7 +++++++ 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 4b42b7a5c..44d16babd 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v3.5.0 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.36.2 +version: 0.37.0 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -16,5 +16,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add sample of PostgreSQL ssl entries in values.yaml + - kind: changed + description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 31582fc4d..038111696 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,6 +142,7 @@ Fields to note: | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | | controller.extraContainers | list | `[]` | Extra containers to be added to the controller deployment | @@ -182,6 +183,7 @@ Fields to note: | controller.pdb.enabled | bool | `false` | Configure [Pod Disruption Budget] for the controller pods | | controller.persistence | object | `{}` | enable persistence using postgres | | controller.podAnnotations | object | `{}` | podAnnotations is an optional map of annotations to be applied to the controller Pods | +| controller.podCleanupWorkers | string | `nil` | Number of pod cleanup workers | | controller.podGCDeleteDelayDuration | string | `5s` (Argo Workflows default) | The duration in seconds before the pods in the GC queue get deleted. A zero value indicates that the pods will be deleted immediately. | | controller.podGCGracePeriodSeconds | string | `30` seconds (Kubernetes default) | Specifies the duration in seconds before a terminating pod is forcefully killed. A zero value indicates that the pod will be forcefully terminated immediately. | | controller.podLabels | object | `{}` | Optional labels to add to the controller pods | @@ -221,6 +223,7 @@ Fields to note: | controller.workflowDefaults | object | `{}` | Default values that will apply to all Workflows from this controller, unless overridden on the Workflow-level. Only valid for 2.7+ | | controller.workflowNamespaces | list | `["default"]` | Specify all namespaces where this workflow controller instance will manage workflows. This controls where the service account and RBAC resources will be created. Only valid when singleNamespace is false. | | controller.workflowRestrictions | object | `{}` | Restricts the Workflows that the controller will process. Only valid for 2.9+ | +| controller.workflowTTLWorkers | string | `nil` | Number of workflow TTL workers | | controller.workflowWorkers | string | `nil` | Number of workflow workers | ### Workflow Main Container diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index c391bee80..132d7f8ce 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -60,6 +60,18 @@ spec: - "--workflow-workers" - {{ . | quote }} {{- end }} + {{- with .Values.controller.workflowTTLWorkers }} + - "--workflow-ttl-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.podCleanupWorkers }} + - "--pod-cleanup-workers" + - {{ . | quote }} + {{- end }} + {{- with .Values.controller.cronWorkflowWorkers }} + - "--cron-workflow-workers" + - {{ . | quote }} + {{- end }} {{- with .Values.controller.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index 84cd8aef1..cae5f749e 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -180,6 +180,13 @@ controller: # -- Number of workflow workers workflowWorkers: # 32 + # -- Number of workflow TTL workers + workflowTTLWorkers: # 4 + # -- Number of pod cleanup workers + podCleanupWorkers: # 4 + # -- Number of cron workflow workers + # Only valid for 3.5+ + cronWorkflowWorkers: # 8 # -- Restricts the Workflows that the controller will process. # Only valid for 2.9+ workflowRestrictions: {} From 804af65b38dd1c4a27a3df5fb478d18c126a6e24 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 24 Oct 2023 07:39:37 -0500 Subject: [PATCH 331/356] fix(argo-rollouts): controller replicas count comparison (#2309) --- charts/argo-rollouts/Chart.yaml | 6 +++--- charts/argo-rollouts/templates/controller/deployment.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 457f76a09..ddc6582b7 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.0 +version: 2.32.1 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo Rollouts to v1.6.0 + - kind: fixed + description: Use integer instead of float for controller replicas diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml index 966491c85..23dc14cbc 100644 --- a/charts/argo-rollouts/templates/controller/deployment.yaml +++ b/charts/argo-rollouts/templates/controller/deployment.yaml @@ -48,7 +48,7 @@ spec: {{- if not .Values.clusterInstall }} - --namespaced {{- end }} - {{- if gt .Values.controller.replicas 1.0 }} + {{- if gt (int .Values.controller.replicas) 1 }} - --leader-elect {{- end }} {{- with .Values.controller.extraArgs }} From a41b70b59cf2ff7e9495969e041d853c8e06ba0d Mon Sep 17 00:00:00 2001 From: gussan <83329336+toyamagu-2021@users.noreply.github.com> Date: Fri, 27 Oct 2023 18:43:52 +0900 Subject: [PATCH 332/356] feat(argo-cd): add terminationGracePeriodSeconds (#2310) Signed-off-by: toyamagu-2021 --- charts/argo-cd/Chart.yaml | 6 +++--- charts/argo-cd/README.md | 7 +++++++ .../statefulset.yaml | 3 +++ .../argocd-applicationset/deployment.yaml | 3 +++ .../argocd-notifications/deployment.yaml | 3 +++ .../argocd-repo-server/deployment.yaml | 3 +++ .../templates/argocd-server/deployment.yaml | 3 +++ charts/argo-cd/templates/dex/deployment.yaml | 3 +++ .../argo-cd/templates/redis/deployment.yaml | 3 +++ charts/argo-cd/values.yaml | 21 +++++++++++++++++++ 10 files changed, 52 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5f4379441..7302ce5e1 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.4 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.8 +version: 5.47.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Sync redis / redis-ha readOnlyRootFilesystem=true option from upstream. This was part of Argo CD 2.8.0. + - kind: added + description: add terminationGracePeriodSeconds diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index b2101038f..d870dbdc6 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -561,6 +561,7 @@ NAME: my-release | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | | controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | +| controller.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -653,6 +654,7 @@ NAME: my-release | repoServer.serviceAccount.create | bool | `true` | Create repo server service account | | repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account | | repoServer.serviceAccount.name | string | `""` | Repo server service account name | +| repoServer.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server | | repoServer.useEphemeralHelmWorkingDir | bool | `true` | Toggle the usage of a ephemeral Helm working directory | @@ -807,6 +809,7 @@ NAME: my-release | server.serviceAccount.create | bool | `true` | Create server service account | | server.serviceAccount.labels | object | `{}` | Labels applied to created service account | | server.serviceAccount.name | string | `"argocd-server"` | Server service account name | +| server.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server | | server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container | @@ -915,6 +918,7 @@ server: | dex.servicePortHttp | int | `5556` | Service port for HTTP access | | dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access | | dex.servicePortMetrics | int | `5558` | Service port for metrics access | +| dex.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex | | dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container | @@ -986,6 +990,7 @@ server: | redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod | | redis.serviceAccount.name | string | `""` | Service account name for redis pod | | redis.servicePort | int | `6379` | Redis service port | +| redis.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis | | redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container | @@ -1136,6 +1141,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account | | applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account | | applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name | +| applicationSet.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller | | applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations | @@ -1214,6 +1220,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name | | notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions | | notifications.templates | object | `{}` | The notification template is used to generate the notification content | +| notifications.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | | notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | | notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller | | notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent | diff --git a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml index 3583a2b72..31bce2993 100644 --- a/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - args: diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index d8fb8cbc4..ed161d538 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -52,6 +52,9 @@ spec: {{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.applicationSet.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.applicationSet.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }} containers: - name: {{ .Values.applicationSet.name }} diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index d2eca77f4..633e19432 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -51,6 +51,9 @@ spec: {{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.notifications.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.notifications.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }} containers: - name: {{ .Values.notifications.name }} diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index ea54e79d3..515984d7a 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -62,6 +62,9 @@ spec: {{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.repoServer.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.repoServer.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }} containers: - name: {{ .Values.repoServer.name }} diff --git a/charts/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo-cd/templates/argocd-server/deployment.yaml index e3f322cb2..983121a98 100755 --- a/charts/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-server/deployment.yaml @@ -53,6 +53,9 @@ spec: {{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.server.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.server.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }} containers: - name: {{ .Values.server.name }} diff --git a/charts/argo-cd/templates/dex/deployment.yaml b/charts/argo-cd/templates/dex/deployment.yaml index abca6e142..9f782c8d6 100755 --- a/charts/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo-cd/templates/dex/deployment.yaml @@ -55,6 +55,9 @@ spec: {{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.dex.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.dex.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }} containers: - name: {{ .Values.dex.name }} diff --git a/charts/argo-cd/templates/redis/deployment.yaml b/charts/argo-cd/templates/redis/deployment.yaml index 419e5f316..3f272d027 100755 --- a/charts/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo-cd/templates/redis/deployment.yaml @@ -48,6 +48,9 @@ spec: {{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }} priorityClassName: {{ . }} {{- end }} + {{- if .Values.redis.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.redis.terminationGracePeriodSeconds }} + {{- end }} serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }} containers: - name: {{ .Values.redis.name }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index b029dfaab..0352ef2e8 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -731,6 +731,9 @@ controller: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the application controller pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -1074,6 +1077,9 @@ dex: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create dex service account create: true @@ -1313,6 +1319,9 @@ redis: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + serviceAccount: # -- Create a service account for the redis pod create: false @@ -1718,6 +1727,9 @@ server: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- Priority class for the Argo CD server pods # @default -- `""` (defaults to global.priorityClassName) priorityClassName: "" @@ -2261,6 +2273,9 @@ repoServer: # -- Number of seconds after which the [probe] times out timeoutSeconds: 1 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2618,6 +2633,9 @@ applicationSet: # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded failureThreshold: 3 + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} @@ -2931,6 +2949,9 @@ notifications: drop: - ALL + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + # -- [Node selector] # @default -- `{}` (defaults to global.nodeSelector) nodeSelector: {} From 9193d8592949969e7d05e24e066b77ada6a50b9e Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sat, 28 Oct 2023 16:28:44 +0900 Subject: [PATCH 333/356] chore(argo-cd): Upgrade Argo CD to v2.8.5 (#2313) --- charts/argo-cd/Chart.yaml | 8 ++++---- .../templates/argocd-notifications/deployment.yaml | 8 +++++++- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7302ce5e1..06de55fb3 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.4 +appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.47.0 +version: 5.48.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: add terminationGracePeriodSeconds + - kind: changed + description: Upgrade Argo CD to v2.8.5 diff --git a/charts/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo-cd/templates/argocd-notifications/deployment.yaml index 633e19432..edee786a4 100644 --- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml @@ -78,13 +78,19 @@ spec: configMapKeyRef: key: notificationscontroller.log.level name: argocd-cmd-params-cm - optional: true + optional: true - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT valueFrom: configMapKeyRef: key: notificationscontroller.log.format name: argocd-cmd-params-cm optional: true + - name: ARGOCD_APPLICATION_NAMESPACES + valueFrom: + configMapKeyRef: + key: application.namespaces + name: argocd-cmd-params-cm + optional: true {{- with .Values.notifications.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} From 25d7b519bc7fc37d2820721cd648f3a3403d0e38 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Oct 2023 14:21:37 +0200 Subject: [PATCH 334/356] chore(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 (#2314) --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 64dd515ae..3273e72d6 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif From 0cc17965301b838977c8b1cca2cbf86969c889a0 Mon Sep 17 00:00:00 2001 From: Petr Drastil Date: Mon, 30 Oct 2023 09:51:56 +0100 Subject: [PATCH 335/356] fix(argo-cd): Update Bitbucket SSH key (#2317) Signed-off-by: Petr Drastil --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 06de55fb3..ac473f030 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.48.0 +version: 5.48.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.8.5 + description: Update Bitbucket.org SSH key diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 0352ef2e8..802e512ca 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -326,7 +326,7 @@ configs: [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw== + bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= From 94c0a0a246771e0d1996de4759d3dba036407b27 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Mon, 30 Oct 2023 16:42:32 +0200 Subject: [PATCH 336/356] feat(argo-cd): add notification cluster role (#2315) * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 * Add notification cluster role Signed-off-by: drfaust92 --------- Signed-off-by: drfaust92 --- charts/argo-cd/Chart.yaml | 6 ++--- charts/argo-cd/README.md | 1 + .../argocd-notifications/clusterrole.yaml | 22 +++++++++++++++++++ .../clusterrolebinding.yaml | 16 ++++++++++++++ charts/argo-cd/values.yaml | 6 +++++ 5 files changed, 48 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/argocd-notifications/clusterrole.yaml create mode 100644 charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index ac473f030..eaa7c2c66 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.48.1 +version: 5.49.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Update Bitbucket.org SSH key + - kind: added + description: Add notification cluster role support diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index d870dbdc6..e0e250256 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -1160,6 +1160,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide |-----|------|---------|-------------| | notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules | | notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates | +| notifications.clusterRoleRules.rules | list | `[]` | List of custom rules for the notifications controller's ClusterRole resource | | notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map | | notifications.containerPorts.metrics | int | `9001` | Metrics container port | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml new file mode 100644 index 000000000..1d2e0fd7f --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -0,0 +1,22 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +rules: + {{- with .Values.notifications.clusterRoleRules.rules }} + {{- toYaml . | nindent 2 }} + {{- end }} + - apiGroups: + - "argoproj.io" + resources: + - "applications" + verbs: + - get + - list + - watch + - update + - patch +{{- end }} diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml new file mode 100644 index 000000000..1b47bf123 --- /dev/null +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-cd.notifications.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-cd.notifications.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argo-cd.notificationsServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 802e512ca..4ec932224 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -2997,6 +2997,12 @@ notifications: # -- Whether helm chart creates notifications controller config map create: true + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + # -- List of custom rules for the notifications controller's ClusterRole resource + rules: [] + # -- Contains centrally managed global application subscriptions ## For more information: https://argocd-notifications.readthedocs.io/en/stable/subscriptions/ subscriptions: [] From 4f5c75fbc7513d0359e11208e24df51474493686 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Mon, 30 Oct 2023 12:42:39 -0500 Subject: [PATCH 337/356] fix(argo-rollouts): Update AnalysisRun CRD to match upstream (#2320) --- charts/argo-rollouts/Chart.yaml | 4 +- .../templates/crds/analysis-run-crd.yaml | 51 ++++++++++++++++++- 2 files changed, 51 insertions(+), 4 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index ddc6582b7..6d343fdce 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v1.6.0 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.1 +version: 2.32.2 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -19,4 +19,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: fixed - description: Use integer instead of float for controller replicas + description: Update AnalysisRun CRD to match upstream diff --git a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml index 7324e908c..1dddfa7dc 100644 --- a/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-run-crd.yaml @@ -189,13 +189,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2809,6 +2818,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2857,6 +2879,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: From 2eb537dde00f9bc6d250ea349ad85a709565cce0 Mon Sep 17 00:00:00 2001 From: Jason Meridth Date: Tue, 31 Oct 2023 12:21:05 -0500 Subject: [PATCH 338/356] fix(github): update chart testing action due to failure (#2324) Getting failure when running chart testing action pulling v2.0.0 from sigstore Updating action to see if this helps Signed-off-by: jmeridth --- .github/workflows/lint-and-test.yml | 4 ++-- scripts/lint.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index bd97afe96..b6da136fd 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,10 +38,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 + uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 with: # Note: Also update in scripts/lint.sh - version: v3.7.1 + version: v3.10.0 - name: List changed charts id: list-changed diff --git a/scripts/lint.sh b/scripts/lint.sh index b44a6cee4..6061adb5f 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.7.1 \ + quay.io/helmpack/chart-testing:v3.10.0 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 733d84a42398cc1a1a6dea8bf75b2a7a2bf3101f Mon Sep 17 00:00:00 2001 From: Tim Collins <45351296+tico24@users.noreply.github.com> Date: Tue, 31 Oct 2023 17:48:55 +0000 Subject: [PATCH 339/356] chore(argo-cd): Upgrade Argo CD to v2.8.6 (#2323) * chore(argo-cd): Upgrade Argo CD to v2.8.6 Signed-off-by: Tim Collins * fix: drop unrecognized helm timeout Signed-off-by: jmeridth --------- Signed-off-by: Tim Collins Signed-off-by: Jason Meridth Signed-off-by: jmeridth Co-authored-by: Jason Meridth --- .github/configs/ct-lint.yaml | 1 - charts/argo-cd/Chart.yaml | 8 ++++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 1e66067aa..99cb8b3ce 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -7,7 +7,6 @@ chart-dirs: - charts chart-repos: - dandydeveloper=https://dandydeveloper.github.io/charts/ -helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true validate-yaml: true diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index eaa7c2c66..8114ee707 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.5 +appVersion: v2.8.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.49.0 +version: 5.50.0 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add notification cluster role support + - kind: changed + description: Upgrade Argo CD to v2.8.6 From 4afebb25f60aeeadb7c4365ab2fc1824185d0aa8 Mon Sep 17 00:00:00 2001 From: Denis Kadyshev Date: Thu, 2 Nov 2023 16:43:50 +0700 Subject: [PATCH 340/356] fix(argo-cd): Create notifications clusterrole and clusterrolebinding when enabled (#2326) * Create clusterrole for nitifications only when notifications enabled Signed-off-by: Denis Kadyshev * Create clusterrolebinding for nitifications only when notifications enbaled Signed-off-by: Denis Kadyshev * Bump version in Chart.yaml Signed-off-by: Denis Kadyshev * Update Chart.yaml Signed-off-by: Denis Kadyshev * Update Chart.yaml Signed-off-by: Denis Kadyshev --------- Signed-off-by: Denis Kadyshev --- charts/argo-cd/Chart.yaml | 6 +++--- .../argo-cd/templates/argocd-notifications/clusterrole.yaml | 2 +- .../templates/argocd-notifications/clusterrolebinding.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 8114ee707..d986c987a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -3,7 +3,7 @@ appVersion: v2.8.6 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.0 +version: 5.50.1 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: changed - description: Upgrade Argo CD to v2.8.6 + - kind: fixed + description: Create notifications clusterrole and clusterrolebinding when enabled diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml index 1d2e0fd7f..927d30a05 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrole.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.notifications.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml index 1b47bf123..3dba71a2f 100644 --- a/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml +++ b/charts/argo-cd/templates/argocd-notifications/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createClusterRoles }} +{{- if and .Values.notifications.enabled .Values.createClusterRoles }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: From 78c7162d69fe7cc0ab6e79796b8cb7fac440c259 Mon Sep 17 00:00:00 2001 From: danielm-codefresh Date: Thu, 2 Nov 2023 13:11:25 +0200 Subject: [PATCH 341/356] Upgrade ArgoCD --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f3a562ba4..20da3b0c8 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1-cap-CR-not-setup-kustomize-ns +appVersion: v2.8.1-cap-CR-20837 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.46.2-3-cap-CR-not-setup-kustomize-ns +version: 5.46.2-4-cap-CR-20837 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Update ArgoCD version to v2.8.1-cap-CR-not-setup-kustomize-ns + description: Update ArgoCD version to v2.8.1-cap-CR-20837 From 6c8c4851d145cf31ee1cd311da1979a5e1ca6948 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Thu, 2 Nov 2023 15:53:24 +0200 Subject: [PATCH 342/356] update helm chart testing action --- .github/workflows/lint-and-test.yml | 4 ++-- scripts/lint.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index f717c3229..9d5469358 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,10 +38,10 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 + uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 with: # Note: Also update in scripts/lint.sh - version: v3.7.1 + version: v3.10.0 - name: List changed charts id: list-changed diff --git a/scripts/lint.sh b/scripts/lint.sh index b44a6cee4..6061adb5f 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -9,7 +9,7 @@ echo -e "\n-- Linting all Helm Charts --\n" docker run \ -v "$SRCROOT:/workdir" \ --entrypoint /bin/sh \ - quay.io/helmpack/chart-testing:v3.7.1 \ + quay.io/helmpack/chart-testing:v3.10.0 \ -c cd /workdir \ ct lint \ --config .github/configs/ct-lint.yaml \ From 5add6e6a76415a2cb02416839597130b02e04630 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Thu, 2 Nov 2023 15:58:37 +0200 Subject: [PATCH 343/356] update helm chart testing action --- scripts/lint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lint.sh b/scripts/lint.sh index 6061adb5f..b24234e93 100755 --- a/scripts/lint.sh +++ b/scripts/lint.sh @@ -14,4 +14,4 @@ docker run \ ct lint \ --config .github/configs/ct-lint.yaml \ --lint-conf .github/configs/lintconf.yaml \ - --debug + --debug \ No newline at end of file From af9deb5ed2db56478a9dfbabb820ab9903d79334 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Thu, 2 Nov 2023 16:00:59 +0200 Subject: [PATCH 344/356] update helm chart testing action --- .github/configs/ct-lint.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/configs/ct-lint.yaml b/.github/configs/ct-lint.yaml index 9af3431d5..8aeefe89c 100644 --- a/.github/configs/ct-lint.yaml +++ b/.github/configs/ct-lint.yaml @@ -6,7 +6,6 @@ charts: - charts/argo-cd chart-repos: - dandydeveloper=https://dandydeveloper.github.io/charts/ -helm-extra-args: "--timeout 600s" validate-chart-schema: false validate-maintainers: true validate-yaml: true From 82e2bf4e3c3211e23c90cedfbc0f59040bb2d85a Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Wed, 15 Nov 2023 20:21:14 +0200 Subject: [PATCH 345/356] update templates and values --- charts/argo-rollouts/Chart.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 1e917ca4b..6d343fdce 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -18,10 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | -<<<<<<< HEAD - - kind: changed - description: Upgrade Argo Rollouts to v1.6.0 -======= - kind: fixed description: Update AnalysisRun CRD to match upstream ->>>>>>> argo-cd-5.50.1 From e7cb3267161dc420c9e915ed218dc2212b583bcd Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Wed, 15 Nov 2023 22:26:40 +0200 Subject: [PATCH 346/356] switch redis repo --- charts/argo-cd/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 05da696ba..df20106e4 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -1169,7 +1169,7 @@ redis: ## Redis image image: # -- Redis repository - repository: quay.io/codefresh/redis + repository: public.ecr.aws/docker/library/redis # -- Redis tag tag: 7.0.13-alpine # -- Redis image pull policy From 0b0940e6a2417c624fead4166e9e9f60f9a1c0f1 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Wed, 15 Nov 2023 22:27:51 +0200 Subject: [PATCH 347/356] switch redis repo --- charts/argo-cd/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index fd4d61e17..406356606 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -951,7 +951,7 @@ server: | redis.extraArgs | list | `[]` | Additional command line arguments to pass to redis-server | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | -| redis.image.repository | string | `"quay.io/codefresh/redis"` | Redis repository | +| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.tag | string | `"7.0.13-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | From 8925cc87bca38eea3c1ccd9c31486a12426e50e2 Mon Sep 17 00:00:00 2001 From: Ilia Medvedev Date: Wed, 15 Nov 2023 23:10:15 +0200 Subject: [PATCH 348/356] fix other charts issues --- .../templates/controller/workflow-controller-config-map.yaml | 3 --- .../argo-workflows/templates/server/server-cluster-roles.yaml | 2 -- 2 files changed, 5 deletions(-) diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index a7c2cf2be..d4728a30f 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -177,8 +177,6 @@ data: {{- with .Values.controller.retentionPolicy }} retentionPolicy: {{- toYaml . | nindent 6 }} {{- end }} -<<<<<<< HEAD -======= {{- with .Values.emissary.images }} images: {{- toYaml . | nindent 6 }} {{- end }} @@ -193,4 +191,3 @@ data: {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} {{- end }} ->>>>>>> argo-cd-5.27.1 diff --git a/charts/argo-workflows/templates/server/server-cluster-roles.yaml b/charts/argo-workflows/templates/server/server-cluster-roles.yaml index 190fccece..56d4dcaaa 100644 --- a/charts/argo-workflows/templates/server/server-cluster-roles.yaml +++ b/charts/argo-workflows/templates/server/server-cluster-roles.yaml @@ -31,8 +31,6 @@ rules: - list - watch - delete -<<<<<<< HEAD -======= - apiGroups: - "" resources: From f44327fdaf528f793c53a4bfb8c086252e03a4fb Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Tue, 28 Nov 2023 18:36:41 +0200 Subject: [PATCH 349/356] CR-21441 -- add event reporter as argocd component (#31) * almost final statefulset * final statefulset * add metrics * add role * add rolebinding * add serviceaccount.yaml * add servicemonitor.yaml + update values * add prometheusrule.yaml * add networkpolicy.yaml * add pdb * add cluster roles * change version + add change * fix indents * fix doc * update docs * disable event reporter by default * disable old reporter by value * add missing docs * update chart * update docs * remove hardcoded defaults + add correct template for argocd-cm * use production version of argo-cd * update default amount of reporter replicas * fix values and docs * fix metrics service --- charts/argo-cd/Chart.yaml | 10 +- charts/argo-cd/README.md | 73 +++++ charts/argo-cd/templates/_helpers.tpl | 17 ++ .../templates/argocd-configs/argocd-cm.yaml | 4 + .../templates/event-reporter/clusterrole.yaml | 26 ++ .../event-reporter/clusterrolebinding.yaml | 19 ++ .../templates/event-reporter/metrics.yaml | 34 +++ .../event-reporter/networkpolicy.yaml | 20 ++ .../argo-cd/templates/event-reporter/pdb.yaml | 27 ++ .../event-reporter/prometheusrule.yaml | 24 ++ .../templates/event-reporter/role.yaml | 44 +++ .../templates/event-reporter/rolebinding.yaml | 17 ++ .../event-reporter/serviceaccount.yaml | 19 ++ .../event-reporter/servicemonitor.yaml | 47 +++ .../templates/event-reporter/statefulset.yaml | 275 +++++++++++++++++ charts/argo-cd/values.yaml | 279 ++++++++++++++++++ 16 files changed, 932 insertions(+), 3 deletions(-) create mode 100644 charts/argo-cd/templates/event-reporter/clusterrole.yaml create mode 100644 charts/argo-cd/templates/event-reporter/clusterrolebinding.yaml create mode 100644 charts/argo-cd/templates/event-reporter/metrics.yaml create mode 100644 charts/argo-cd/templates/event-reporter/networkpolicy.yaml create mode 100644 charts/argo-cd/templates/event-reporter/pdb.yaml create mode 100644 charts/argo-cd/templates/event-reporter/prometheusrule.yaml create mode 100644 charts/argo-cd/templates/event-reporter/role.yaml create mode 100644 charts/argo-cd/templates/event-reporter/rolebinding.yaml create mode 100644 charts/argo-cd/templates/event-reporter/serviceaccount.yaml create mode 100644 charts/argo-cd/templates/event-reporter/servicemonitor.yaml create mode 100644 charts/argo-cd/templates/event-reporter/statefulset.yaml diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 7ec6e0114..db605e05a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1-cap-CR-20837 +appVersion: v2.8.1-cap-CR-21281-new-reporter kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.1-0-cap-CR-20837 +version: 5.50.1-1-cap-CR-21429 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,5 +26,9 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | + - kind: added + description: Add event reporter as a separate component - kind: changed - description: Update ArgoCD version to v2.8.1-cap-CR-20837 + description: Update ArgoCD version to v2.8.1-cap-CR-21281-new-reporter + - kind: changed + description: Add ability to switch between reporters diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index 406356606..e1d141ce3 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -390,6 +390,79 @@ NAME: my-release | crds.keep | bool | `true` | Keep CRDs on chart uninstall | | createAggregateRoles | bool | `false` | Create aggregated roles that extend existing cluster roles to interact with argo-cd resources | | createClusterRoles | bool | `true` | Create cluster roles for cluster-wide installation. | +| eventReporter.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules to the deployment | +| eventReporter.clusterRoleRules.enabled | bool | `false` | Enable custom rules for the event reporter's ClusterRole resource | +| eventReporter.clusterRoleRules.rules | list | `[]` | List of custom rules for the event reporter's ClusterRole resource | +| eventReporter.containerPorts.health | int | `8088` | | +| eventReporter.containerPorts.metrics | int | `8087` | Metrics container port | +| eventReporter.containerSecurityContext | object | See [values.yaml] | Event reporter container-level security context | +| eventReporter.dnsConfig | object | `{}` | [DNS configuration] | +| eventReporter.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for event reporter pods | +| eventReporter.enabled | bool | `false` | | +| eventReporter.env | list | `[]` | Environment variables to pass to event reporter | +| eventReporter.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to event reporter | +| eventReporter.extraArgs | list | `[]` | Additional command line arguments to pass to event reporter | +| eventReporter.extraContainers | list | `[]` | Additional containers to be added to the event reporter pod | +| eventReporter.hostNetwork | bool | `false` | Host Network for event reporter pods | +| eventReporter.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the event reporter | +| eventReporter.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the event reporter | +| eventReporter.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the event reporter | +| eventReporter.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | +| eventReporter.initContainers | list | `[]` | Init containers to add to the event reporter pod | +| eventReporter.metrics.applicationLabels.enabled | bool | `false` | Enables additional labels in argocd_app_labels metric | +| eventReporter.metrics.applicationLabels.labels | list | `[]` | Additional labels | +| eventReporter.metrics.enabled | bool | `false` | Deploy metrics service | +| eventReporter.metrics.rules.additionalLabels | object | `{}` | PrometheusRule labels | +| eventReporter.metrics.rules.annotations | object | `{}` | PrometheusRule annotations | +| eventReporter.metrics.rules.enabled | bool | `false` | Deploy a PrometheusRule for the event reporter | +| eventReporter.metrics.rules.namespace | string | `""` | PrometheusRule namespace | +| eventReporter.metrics.rules.selector | object | `{}` | PrometheusRule selector | +| eventReporter.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the event reporter | +| eventReporter.metrics.service.annotations | object | `{}` | Metrics service annotations | +| eventReporter.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) | +| eventReporter.metrics.service.labels | object | `{}` | Metrics service labels | +| eventReporter.metrics.service.portName | string | `"http-metrics"` | Metrics service port name | +| eventReporter.metrics.service.servicePort | int | `8087` | Metrics service port | +| eventReporter.metrics.service.type | string | `"ClusterIP"` | Metrics service type | +| eventReporter.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| eventReporter.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations | +| eventReporter.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor | +| eventReporter.metrics.serviceMonitor.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| eventReporter.metrics.serviceMonitor.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| eventReporter.metrics.serviceMonitor.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| eventReporter.metrics.serviceMonitor.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| eventReporter.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme | +| eventReporter.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector | +| eventReporter.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig | +| eventReporter.name | string | `"event-reporter"` | | +| eventReporter.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] | +| eventReporter.pdb.annotations | object | `{}` | Annotations to be added to event reporter pdb | +| eventReporter.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the event reporter | +| eventReporter.pdb.labels | object | `{}` | Labels to be added to event reporter pdb | +| eventReporter.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). | +| eventReporter.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) | +| eventReporter.podAnnotations | object | `{}` | Annotations to be added to event reporter pods | +| eventReporter.podLabels | object | `{}` | Labels to be added to event reporter pods | +| eventReporter.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the event reporter pods | +| eventReporter.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded | +| eventReporter.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated | +| eventReporter.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] | +| eventReporter.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed | +| eventReporter.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out | +| eventReporter.replicas | int | `3` | | +| eventReporter.resources | object | `{}` | Resource limits and requests for the event reporter pods | +| eventReporter.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | +| eventReporter.serviceAccount.automountServiceAccountToken | bool | `true` | Automount API credentials for the Service Account | +| eventReporter.serviceAccount.create | bool | `true` | Create a service account for the event reporter | +| eventReporter.serviceAccount.labels | object | `{}` | Labels applied to created service account | +| eventReporter.serviceAccount.name | string | `"event-reporter"` | Service account name | +| eventReporter.statefulsetAnnotations | object | `{}` | Annotations for the event reporter StatefulSet | +| eventReporter.terminationGracePeriodSeconds | int | `30` | terminationGracePeriodSeconds for container lifecycle hook | +| eventReporter.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints | +| eventReporter.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the event reporter | +| eventReporter.version | string | `"v1"` | | +| eventReporter.volumeMounts | list | `[]` | Additional volumeMounts to the event reporter main container | +| eventReporter.volumes | list | `[]` | Additional volumes to the event reporter pod | | extraObjects | list | `[]` | Array of extra K8s manifests to deploy | | fullnameOverride | string | `""` | String to fully override `"argo-cd.fullname"` | | kubeVersionOverride | string | `""` | Override the Kubernetes version, which is used to evaluate certain manifests | diff --git a/charts/argo-cd/templates/_helpers.tpl b/charts/argo-cd/templates/_helpers.tpl index b5d62a6ab..e347f7f1f 100644 --- a/charts/argo-cd/templates/_helpers.tpl +++ b/charts/argo-cd/templates/_helpers.tpl @@ -216,3 +216,20 @@ Merge Argo Params Configuration with Preset Configuration {{ $key }}: {{ toString $value | toYaml }} {{- end }} {{- end -}} + +{{/* +Create event reporter name and version as used by the chart label. +*/}} +{{- define "argo-cd.event-reporter.fullname" -}} +{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.eventReporter.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{/* +Create the name of the Argo CD server service account to use +*/}} +{{- define "argo-cd.eventReporterServiceAccountName" -}} +{{- if .Values.eventReporter.serviceAccount.create -}} + {{ default (include "argo-cd.event-reporter.fullname" .) .Values.eventReporter.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.eventReporter.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml index 829a67769..d1e3ad7a1 100644 --- a/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml +++ b/charts/argo-cd/templates/argocd-configs/argocd-cm.yaml @@ -14,4 +14,8 @@ metadata: {{- end }} data: {{- include "argo-cd.config.cm" . | trim | nindent 2 }} + + {{- if and .Values.eventReporter.enabled .Values.eventReporter.version }} + codefresh.reporterVersion: {{ .Values.eventReporter.version | quote }} + {{- end }} {{- end }} diff --git a/charts/argo-cd/templates/event-reporter/clusterrole.yaml b/charts/argo-cd/templates/event-reporter/clusterrole.yaml new file mode 100644 index 000000000..7cfa13636 --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/clusterrole.yaml @@ -0,0 +1,26 @@ +{{- if .Values.eventReporter.enabled }} +{{- $config := .Values.eventReporter.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "argo-cd.event-reporter.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} +rules: + {{- if .Values.eventReporter.clusterRoleRules.enabled }} + {{- toYaml .Values.eventReporter.clusterRoleRules.rules | nindent 2 }} + {{- else }} + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/clusterrolebinding.yaml b/charts/argo-cd/templates/event-reporter/clusterrolebinding.yaml new file mode 100644 index 000000000..27a413dec --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/clusterrolebinding.yaml @@ -0,0 +1,19 @@ +{{- if .Values.eventReporter.enabled }} +{{- $config := .Values.eventReporter.clusterAdminAccess | default dict -}} +{{- if hasKey $config "enabled" | ternary $config.enabled .Values.createClusterRoles }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "argo-cd.event-reporter.fullname" . }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "argo-cd.event-reporter.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ include "argo-cd.eventReporterServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/metrics.yaml b/charts/argo-cd/templates/event-reporter/metrics.yaml new file mode 100644 index 000000000..b18cd29d9 --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/metrics.yaml @@ -0,0 +1,34 @@ +{{- if and .Values.eventReporter.enabled .Values.eventReporter.metrics.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "argo-cd.event-reporter.fullname" . }}-metrics + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" (printf "%s-metrics" .Values.eventReporter.name)) | nindent 4 }} + {{- with .Values.eventReporter.metrics.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if or .Values.eventReporter.metrics.service.annotations .Values.global.addPrometheusAnnotations }} + annotations: + {{- if .Values.global.addPrometheusAnnotations }} + prometheus.io/port: {{ .Values.eventReporter.metrics.service.servicePort | quote }} + prometheus.io/scrape: "true" + {{- end }} + {{- range $key, $value := .Values.eventReporter.metrics.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.eventReporter.metrics.service.type }} + {{- if and .Values.eventReporter.metrics.service.clusterIP (eq .Values.eventReporter.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.eventReporter.metrics.service.clusterIP }} + {{- end }} + ports: + - name: {{ .Values.eventReporter.metrics.service.portName }} + protocol: TCP + port: {{ .Values.eventReporter.metrics.service.servicePort }} + targetPort: metrics + selector: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.eventReporter.name) | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/networkpolicy.yaml b/charts/argo-cd/templates/event-reporter/networkpolicy.yaml new file mode 100644 index 000000000..5ea632900 --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/networkpolicy.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.eventReporter.enabled .Values.global.networkPolicy.create }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} + name: {{ template "argo-cd.event-reporter.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +spec: + ingress: + - from: + - namespaceSelector: {} + ports: + - port: metrics + podSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.eventReporter.name) | nindent 6 }} + policyTypes: + - Ingress +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/pdb.yaml b/charts/argo-cd/templates/event-reporter/pdb.yaml new file mode 100644 index 000000000..9cc50321a --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/pdb.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.eventReporter.enabled .Values.eventReporter.pdb.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "argo-cd.event-reporter.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} + {{- with .Values.eventReporter.pdb.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.eventReporter.pdb.annotations }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + {{- with .Values.eventReporter.pdb.maxUnavailable }} + maxUnavailable: {{ . }} + {{- else }} + minAvailable: {{ .Values.eventReporter.pdb.minAvailable | default 0 }} + {{- end }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.eventReporter.name) | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/prometheusrule.yaml b/charts/argo-cd/templates/event-reporter/prometheusrule.yaml new file mode 100644 index 000000000..3b3617bc1 --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/prometheusrule.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.eventReporter.enabled .Values.eventReporter.metrics.enabled .Values.eventReporter.metrics.rules.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ template "argo-cd.event-reporter.fullname" . }} + namespace: {{ default .Release.Namespace .Values.eventReporter.metrics.rules.namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} + {{- if .Values.eventReporter.metrics.rules.selector }} +{{- toYaml .Values.eventReporter.metrics.rules.selector | nindent 4 }} + {{- end }} + {{- if .Values.eventReporter.metrics.rules.additionalLabels }} +{{- toYaml .Values.eventReporter.metrics.rules.additionalLabels | nindent 4 }} + {{- end }} + {{- with .Values.eventReporter.metrics.rules.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + groups: + - name: argocd + rules: +{{- toYaml .Values.eventReporter.metrics.rules.spec | nindent 4 }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/role.yaml b/charts/argo-cd/templates/event-reporter/role.yaml new file mode 100644 index 000000000..ee8b87a4d --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/role.yaml @@ -0,0 +1,44 @@ +{{- if .Values.eventReporter.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "argo-cd.event-reporter.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - create + - get + - list + - watch + - update + - patch + - delete +- apiGroups: + - argoproj.io + resources: + - applications + - appprojects + - applicationsets + verbs: + - create + - get + - list + - watch + - update + - delete + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - list +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/rolebinding.yaml b/charts/argo-cd/templates/event-reporter/rolebinding.yaml new file mode 100644 index 000000000..3e0a5bec6 --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/rolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.eventReporter.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "argo-cd.event-reporter.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "argo-cd.event-reporter.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "argo-cd.eventReporterServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/serviceaccount.yaml b/charts/argo-cd/templates/event-reporter/serviceaccount.yaml new file mode 100644 index 000000000..7f94d89be --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.eventReporter.enabled .Values.eventReporter.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.eventReporter.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "argo-cd.eventReporterServiceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- if .Values.eventReporter.serviceAccount.annotations }} + annotations: + {{- range $key, $value := .Values.eventReporter.serviceAccount.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} + {{- range $key, $value := .Values.eventReporter.serviceAccount.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/servicemonitor.yaml b/charts/argo-cd/templates/event-reporter/servicemonitor.yaml new file mode 100644 index 000000000..79f7e2e3e --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/servicemonitor.yaml @@ -0,0 +1,47 @@ +{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") .Values.eventReporter.enabled .Values.eventReporter.metrics.enabled .Values.eventReporter.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "argo-cd.event-reporter.fullname" . }} + namespace: {{ default .Release.Namespace .Values.eventReporter.metrics.serviceMonitor.namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} + {{- with .Values.eventReporter.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.eventReporter.metrics.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.eventReporter.metrics.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: {{ .Values.eventReporter.metrics.service.portName }} + {{- with .Values.eventReporter.metrics.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.eventReporter.metrics.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.eventReporter.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.eventReporter.metrics.serviceMonitor.scheme }} + scheme: {{ . }} + {{- end }} + {{- with .Values.eventReporter.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.eventReporter.name "name" "metrics") | nindent 6 }} +{{- end }} diff --git a/charts/argo-cd/templates/event-reporter/statefulset.yaml b/charts/argo-cd/templates/event-reporter/statefulset.yaml new file mode 100644 index 000000000..cb8d9f38b --- /dev/null +++ b/charts/argo-cd/templates/event-reporter/statefulset.yaml @@ -0,0 +1,275 @@ +{{- if .Values.eventReporter.enabled }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.statefulsetAnnotations) .Values.eventReporter.statefulsetAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.event-reporter.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 4 }} +spec: + replicas: {{ .Values.eventReporter.replicas }} + # TODO: Remove for breaking release as history limit cannot be patched + revisionHistoryLimit: 5 + serviceName: {{ include "argo-cd.event-reporter.fullname" . }} + selector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.eventReporter.name) | nindent 6 }} + template: + metadata: + annotations: + checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if (hasKey .Values.server "configEnabled") | ternary .Values.server.configEnabled .Values.configs.cm.create }} + checksum/cm: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cm.yaml") . | sha256sum }} + {{- end }} + {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.eventReporter.podAnnotations) }} + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "argo-cd.labels" (dict "context" . "component" .Values.eventReporter.name "name" .Values.eventReporter.name) | nindent 8 }} + {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.eventReporter.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.eventReporter.imagePullSecrets | default .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.hostAliases }} + hostAliases: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.eventReporter.priorityClassName | default .Values.global.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} + {{- if .Values.eventReporter.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.eventReporter.terminationGracePeriodSeconds }} + {{- end }} + serviceAccountName: {{ include "argo-cd.eventReporterServiceAccountName" . }} + containers: + - args: + - /usr/local/bin/event-reporter-server + - --metrics-port={{ .Values.eventReporter.containerPorts.metrics }} + {{- with .Values.eventReporter.extraArgs }} + {{- toYaml . | nindent 8 }} + {{- end }} + image: {{ default .Values.global.image.repository .Values.eventReporter.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.eventReporter.image.tag }} + imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.eventReporter.image.imagePullPolicy }} + name: {{ .Values.eventReporter.name }} + env: + {{- with (concat .Values.global.env .Values.eventReporter.env) }} + {{- toYaml . | nindent 10 }} + {{- end }} + - name: EVENT_REPORTER_REPLICAS + value: {{ .Values.eventReporter.replicas | quote }} + - name: ARGOCD_TOKEN + valueFrom: + secretKeyRef: + key: token + name: argocd-token + - name: CODEFRESH_URL + valueFrom: + configMapKeyRef: + name: codefresh-cm + key: base-url + optional: true + - name: CODEFRESH_TOKEN + valueFrom: + secretKeyRef: + key: token + name: codefresh-token + # todo: clean up + - name: EVENT_REPORTER_INSECURE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.insecure + optional: true + - name: EVENT_REPORTER_LOGFORMAT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.log.format + optional: true + - name: EVENT_REPORTER_LOG_LEVEL + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.log.level + optional: true + - name: EVENT_REPORTER_REPO_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: repo.server + optional: true + - name: EVENT_REPORTER_REPO_SERVER_TIMEOUT_SECONDS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.repo.server.timeout.seconds + optional: true + - name: EVENT_REPORTER_REPO_SERVER_PLAINTEXT + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.repo.server.plaintext + optional: true + - name: REDIS_SERVER + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.server + optional: true + - name: REDIS_COMPRESSION + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.compression + optional: true + - name: REDISDB + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: redis.db + optional: true + - name: REDIS_USERNAME + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-username + optional: true + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ default (include "argo-cd.redis.fullname" .) .Values.externalRedis.existingSecret }} + key: redis-password + optional: true + - name: EVENT_REPORTER_SHARDING_ALGORITHM + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.sharding.algorithm + optional: true + - name: EVENT_REPORTER_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.listen.address + optional: true + - name: EVENT_REPORTER_METRICS_LISTEN_ADDRESS + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: event-reporter.metrics.listen.address + optional: true + {{- with .Values.eventReporter.envFrom }} + envFrom: + {{- toYaml . | nindent 10 }} + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.eventReporter.containerPorts.metrics }} + protocol: TCP + - name: health + containerPort: {{ .Values.eventReporter.containerPorts.health }} + protocol: TCP + livenessProbe: + httpGet: + path: /healthz?full=true + port: health + initialDelaySeconds: 3 + periodSeconds: 30 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: /healthz + port: health + initialDelaySeconds: {{ .Values.eventReporter.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.eventReporter.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.eventReporter.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.eventReporter.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.eventReporter.readinessProbe.failureThreshold }} + resources: + {{- toYaml .Values.eventReporter.resources | nindent 10 }} + {{- with .Values.eventReporter.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + {{- with .Values.eventReporter.volumeMounts }} + {{- toYaml . | nindent 8 }} + {{- end }} + - name: argocd-repo-server-tls + mountPath: /app/config/server/tls + - mountPath: /tmp + name: tmp + {{- with .Values.eventReporter.extraContainers }} + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with .Values.eventReporter.initContainers }} + initContainers: + {{- tpl (toYaml .) $ | nindent 6 }} + {{- end }} + {{- with include "argo-cd.affinity" (dict "context" . "component" .Values.eventReporter) }} + affinity: + {{- trim . | nindent 8 }} + {{- end }} + {{- with .Values.eventReporter.nodeSelector | default .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.eventReporter.tolerations | default .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.eventReporter.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }} + topologySpreadConstraints: + {{- range $constraint := . }} + - {{ toYaml $constraint | nindent 8 | trim }} + {{- if not $constraint.labelSelector }} + labelSelector: + matchLabels: + {{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.eventReporter.name) | nindent 12 }} + {{- end }} + {{- end }} + {{- end }} + volumes: + {{- with .Values.eventReporter.volumes }} + {{- toYaml . | nindent 6 }} + {{- end }} + - emptyDir: { } + name: plugins-home + - emptyDir: { } + name: tmp + - name: argocd-repo-server-tls + secret: + secretName: argocd-repo-server-tls + optional: true + items: + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key + - key: ca.crt + path: ca.crt + {{- if .Values.eventReporter.hostNetwork }} + hostNetwork: {{ .Values.eventReporter.hostNetwork }} + {{- end }} + {{- with .Values.eventReporter.dnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.eventReporter.dnsPolicy }} +{{- end }} diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index df20106e4..52ce703d9 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -3277,3 +3277,282 @@ notifications: # For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers # defaultTriggers: | # - on-sync-status-unknown + +eventReporter: + # Enabled we need to skip argo-cd chart tests for this component + enabled: false + # Version we need to dynamically switch between old and new version + # one will be just hanging and the second one working + # possible values: v1, v2 + version: v1 + name: event-reporter + ## Amount of replicas for event reporting sharding + replicas: 3 + ## Event reporter Pod Disruption Budget + ## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/ + pdb: + # -- Deploy a [PodDisruptionBudget] for the event reporter + enabled: false + # -- Labels to be added to event reporter pdb + labels: {} + # -- Annotations to be added to event reporter pdb + annotations: {} + # -- Number of pods that are available after eviction as number or percentage (eg.: 50%) + # @default -- `""` (defaults to 0 if not specified) + minAvailable: "" + # -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). + ## Has higher precedence over `controller.pdb.minAvailable` + maxUnavailable: "" + + ## Event reporter image + image: + # -- Repository to use for the event reporter + # @default -- `""` (defaults to global.image.repository) + repository: "" + # -- Tag to use for the event reporter + # @default -- `""` (defaults to global.image.tag) + tag: "" + # -- Image pull policy for the event reporter + # @default -- `""` (defaults to global.image.imagePullPolicy) + imagePullPolicy: "" + + # -- Secrets with credentials to pull images from a private registry + # @default -- `[]` (defaults to global.imagePullSecrets) + imagePullSecrets: [] + + # -- Additional command line arguments to pass to event reporter + extraArgs: [] + + # -- Environment variables to pass to event reporter + env: [] + + # -- envFrom to pass to event reporter + # @default -- `[]` (See [values.yaml]) + envFrom: [] + # - configMapRef: + # name: config-map-name + # - secretRef: + # name: secret-name + + # -- Additional containers to be added to the event reporter pod + ## Note: Supports use of custom Helm templates + extraContainers: [] + + # -- Init containers to add to the event reporter pod + ## If your target Kubernetes cluster(s) require a custom credential (exec) plugin + ## you could use this (and the same in the server pod) to provide such executable + ## Ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins + ## Note: Supports use of custom Helm templates + initContainers: [] + # - name: download-tools + # image: alpine:3 + # command: [sh, -c] + # args: + # - wget -qO kubelogin.zip https://github.com/Azure/kubelogin/releases/download/v0.0.25/kubelogin-linux-amd64.zip && + # unzip kubelogin.zip && mv bin/linux_amd64/kubelogin /custom-tools/ + # volumeMounts: + # - mountPath: /custom-tools + # name: custom-tools + + # -- Additional volumeMounts to the event reporter main container + volumeMounts: [] + # - mountPath: /usr/local/bin/kubelogin + # name: custom-tools + # subPath: kubelogin + + # -- Additional volumes to the event reporter pod + volumes: [] + # - name: custom-tools + # emptyDir: {} + + # -- Annotations for the event reporter StatefulSet + statefulsetAnnotations: {} + + # -- Annotations to be added to event reporter pods + podAnnotations: {} + + # -- Labels to be added to event reporter pods + podLabels: {} + + # -- Resource limits and requests for the event reporter pods + resources: {} + # limits: + # cpu: 500m + # memory: 512Mi + # requests: + # cpu: 250m + # memory: 256Mi + + # Event reporter container ports + containerPorts: + # -- Metrics container port + metrics: 8087 + health: 8088 + + # -- Host Network for event reporter pods + hostNetwork: false + + # -- [DNS configuration] + dnsConfig: {} + # -- Alternative DNS policy for event reporter pods + dnsPolicy: "ClusterFirst" + + # -- Event reporter container-level security context + # @default -- See [values.yaml] + containerSecurityContext: + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL + + # Readiness probe for event reporter + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + readinessProbe: + # -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded + failureThreshold: 3 + # -- Number of seconds after the container has started before [probe] is initiated + initialDelaySeconds: 10 + # -- How often (in seconds) to perform the [probe] + periodSeconds: 10 + # -- Minimum consecutive successes for the [probe] to be considered successful after having failed + successThreshold: 1 + # -- Number of seconds after which the [probe] times out + timeoutSeconds: 1 + + # -- terminationGracePeriodSeconds for container lifecycle hook + terminationGracePeriodSeconds: 30 + + # -- Priority class for the event reporter pods + # @default -- `""` (defaults to global.priorityClassName) + priorityClassName: "" + + # -- [Node selector] + # @default -- `{}` (defaults to global.nodeSelector) + nodeSelector: {} + + # -- [Tolerations] for use with node taints + # @default -- `[]` (defaults to global.tolerations) + tolerations: [] + + # -- Assign custom [affinity] rules to the deployment + # @default -- `{}` (defaults to global.affinity preset) + affinity: {} + + # -- Assign custom [TopologySpreadConstraints] rules to the event reporter + # @default -- `[]` (defaults to global.topologySpreadConstraints) + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## If labelSelector is left out, it will default to the labelSelector configuration of the deployment + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + + serviceAccount: + # -- Create a service account for the event reporter + create: true + # -- Service account name + name: event-reporter + # -- Annotations applied to created service account + annotations: {} + # -- Labels applied to created service account + labels: {} + # -- Automount API credentials for the Service Account + automountServiceAccountToken: true + + ## Event reporter metrics configuration + metrics: + # -- Deploy metrics service + enabled: false + applicationLabels: + # -- Enables additional labels in argocd_app_labels metric + enabled: false + # -- Additional labels + labels: [] + service: + # -- Metrics service type + type: ClusterIP + # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) + clusterIP: "" + # -- Metrics service annotations + annotations: {} + # -- Metrics service labels + labels: {} + # -- Metrics service port + servicePort: 8087 + # -- Metrics service port name + portName: http-metrics + serviceMonitor: + # -- Enable a prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + + # -- Prometheus ServiceMonitor scheme + scheme: "" + # -- Prometheus ServiceMonitor tlsConfig + tlsConfig: {} + # -- Prometheus ServiceMonitor namespace + namespace: "" # "monitoring" + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + # -- Prometheus ServiceMonitor annotations + annotations: {} + rules: + # -- Deploy a PrometheusRule for the event reporter + enabled: false + # -- PrometheusRule namespace + namespace: "" # "monitoring" + # -- PrometheusRule selector + selector: {} + # prometheus: kube-prometheus + + # -- PrometheusRule labels + additionalLabels: {} + # -- PrometheusRule annotations + annotations: {} + + # -- PrometheusRule.Spec for the event reporter + spec: [] + # - alert: ArgoAppMissing + # expr: | + # absent(argocd_app_info) == 1 + # for: 15m + # labels: + # severity: critical + # annotations: + # summary: "[Argo CD] No reported applications" + # description: > + # Argo CD has not reported any applications data for the past 15 minutes which + # means that it must be down or not functioning properly. This needs to be + # resolved for this cloud to continue to maintain state. + # - alert: ArgoAppNotSynced + # expr: | + # argocd_app_info{sync_status!="Synced"} == 1 + # for: 12h + # labels: + # severity: warning + # annotations: + # summary: "[{{`{{$labels.name}}`}}] Application not synchronized" + # description: > + # The application [{{`{{$labels.name}}`}} has not been synchronized for over + # 12 hours which means that the state of this cloud has drifted away from the + # state inside Git. + + ## Enable this and set the rules: to whatever custom rules you want for the Cluster Role resource. + ## Defaults to off + clusterRoleRules: + # -- Enable custom rules for the event reporter's ClusterRole resource + enabled: false + # -- List of custom rules for the event reporter's ClusterRole resource + rules: [] From 28cfbb92909de228b5acfa379018d5147907506d Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Wed, 29 Nov 2023 17:06:18 +0200 Subject: [PATCH 350/356] add workflow dispatch Signed-off-by: ilia-medvedev-codefresh --- .github/workflows/publish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3738002c3..64665dbcb 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,6 +6,7 @@ on: - argo-cd paths: - "charts/**" + workflow_dispatch: permissions: contents: read From b226367ab91d6d37c4330906c0cd5987250f4e00 Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Wed, 29 Nov 2023 17:07:26 +0200 Subject: [PATCH 351/356] remove wf dispatch Signed-off-by: ilia-medvedev-codefresh --- .github/workflows/publish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 64665dbcb..3738002c3 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -6,7 +6,6 @@ on: - argo-cd paths: - "charts/**" - workflow_dispatch: permissions: contents: read From 7d123e924a660a85eed0b7d6b99936cabe9077f8 Mon Sep 17 00:00:00 2001 From: ilia-medvedev-codefresh Date: Wed, 29 Nov 2023 17:08:18 +0200 Subject: [PATCH 352/356] Update artifacthub changelog Signed-off-by: ilia-medvedev-codefresh --- charts/argo-cd/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index db605e05a..40b70a99a 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -27,7 +27,7 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add event reporter as a separate component + description: Add event-reporter as a separate component - kind: changed description: Update ArgoCD version to v2.8.1-cap-CR-21281-new-reporter - kind: changed From 7fd7b93c1a840db60a05dcd45162c7acdd848cdb Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Tue, 5 Dec 2023 14:48:32 +0200 Subject: [PATCH 353/356] Argocd latest fixes (#33) - kind: added description: Add priority queue to reporter - kind: fixed description: Fix bug with skip-current-step - kind: fixed description: Support creation of apps with empty dir in reporter --- charts/argo-cd/Chart.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 40b70a99a..1317393e9 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1-cap-CR-21281-new-reporter +appVersion: v2.8.1-cap-CR-create-apps-with-err kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.1-1-cap-CR-21429 +version: 5.50.1-2-cap-CR-create-apps-with-err home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,8 +27,8 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: added - description: Add event-reporter as a separate component - - kind: changed - description: Update ArgoCD version to v2.8.1-cap-CR-21281-new-reporter - - kind: changed - description: Add ability to switch between reporters + description: Add priority queue to reporter + - kind: fixed + description: Fix bug with skip-current-step + - kind: fixed + description: Support creation of apps with empty dir in reporter From c3916ee2f41b5efbcd64d47e83f7017f4c42ff3d Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Fri, 8 Dec 2023 17:34:05 +0200 Subject: [PATCH 354/356] Release argo-cd 2.9.3 (#34) * merge upstream argo-cd chart 5.51.6-1 * change image to fork version v2.9-2023.12.06-e6258156d --- .clomonitor.yml | 6 + CODEOWNERS => .github/CODEOWNERS | 10 +- .github/workflows/lint-and-test.yml | 2 +- .github/workflows/pr-title.yml | 2 +- .github/workflows/publish.yml | 2 + CONTRIBUTING.md | 2 + README.md | 3 +- SECURITY-INSIGHTS.yml | 38 + SECURITY.md | 2 +- charts/argo-cd/Chart.yaml | 12 +- charts/argo-cd/README.md | 14 +- charts/argo-cd/README.md.gotmpl | 13 +- .../argocd-applicationset/deployment.yaml | 12 + .../argocd-repo-server/deployment.yaml | 12 + .../templates/argocd-server/clusterrole.yaml | 4 + .../templates/crds/crd-application.yaml | 389 ++++- .../templates/crds/crd-applicationset.yaml | 1495 ++++++++++++++++- charts/argo-cd/values.yaml | 12 +- charts/argo-rollouts/Chart.yaml | 8 +- .../templates/crds/analysis-template-crd.yaml | 51 +- .../crds/cluster-analysis-template-crd.yaml | 51 +- charts/argo-workflows/Chart.yaml | 6 +- charts/argo-workflows/README.md | 8 +- .../ci/enable-ingress-values.yaml | 2 +- charts/argo-workflows/templates/NOTES.txt | 4 + charts/argo-workflows/templates/_helpers.tpl | 7 + .../workflow-controller-config-map.yaml | 4 +- .../workflow-controller-deployment.yaml | 3 +- .../workflow-controller-service.yaml | 2 +- .../templates/server/server-deployment.yaml | 8 +- charts/argo-workflows/values.yaml | 22 +- 31 files changed, 2139 insertions(+), 67 deletions(-) rename CODEOWNERS => .github/CODEOWNERS (68%) create mode 100644 SECURITY-INSIGHTS.yml diff --git a/.clomonitor.yml b/.clomonitor.yml index 9f1fff8c4..c75e8a7b4 100644 --- a/.clomonitor.yml +++ b/.clomonitor.yml @@ -7,6 +7,12 @@ exemptions: reason: "Helm deps are not currently scanned. Maintainers are watching developments to dependabot-core #2237" # Justification of this exemption (mandatory, it will be displayed on the UI) - check: sbom reason: "Tracking Helm dependencies is not yet a stable practice." + - check: self_assessment + reason: "Refer to self assessments supplied by the codebases Argo Helm supports." + - check: signed_releases + reason: "Argo Helm releases are made via Artifact Hub, where they are signed. The unsigned GitHub releases are for reference only." + - check: license_scanning + reason: "Temporary exemption: pending response from CNCF Service Desk" # TODO: # License scanning information diff --git a/CODEOWNERS b/.github/CODEOWNERS similarity index 68% rename from CODEOWNERS rename to .github/CODEOWNERS index f7432a773..05c993b96 100644 --- a/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,14 +1,6 @@ -# All -* @mkilchhofer @jmeridth +* @mkilchhofer @jmeridth @yu-croco -# Argo Workflows /charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24 - -# Argo CD /charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24 - -# Argo Events /charts/argo-events/ @pdrastil @jmeridth @tico24 - -# Argo Rollouts /charts/argo-rollouts/ @jmeridth diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml index c0a183e77..a7e865600 100644 --- a/.github/workflows/lint-and-test.yml +++ b/.github/workflows/lint-and-test.yml @@ -38,7 +38,7 @@ jobs: - name: Setup Chart Linting id: lint - uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0 + uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 with: # Note: Also update in scripts/lint.sh version: v3.10.0 diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index be77f1aef..256b1c382 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -19,7 +19,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 + - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3738002c3..0b7ff8699 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -59,6 +59,8 @@ jobs: PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}" - name: Run chart-releaser + # todo: change later to v1.6.0 (also in agro-rollouts chart) + # issue: https://github.com/helm/chart-releaser-action/issues/171 uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0 with: config: "./.github/configs/cr.yaml" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d67ddefc5..f9861dcba 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -47,6 +47,8 @@ Any breaking changes to a chart (backwards incompatible) require: ### New Application Versions +Helm charts are intended to be created for all non-patched releases of Argo CD, Workflows, Rollouts, and Events. Associated dependencies, such as Redis, will use the version recommended by the associated release. + When selecting new application versions ensure you make the following changes: * `values.yaml`: Bump all instances of the container image version diff --git a/README.md b/README.md index b29bb3d13..3d57db36f 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo) [![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo) [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7942/badge)](https://www.bestpractices.dev/projects/7942) Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command: @@ -23,7 +24,7 @@ Some users would prefer to install the CRDs _outside_ of the chart. You can disa Helm cannot upgrade custom resource definitions in the `/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `/templates` to address this design decision. -If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: +If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo: Example: diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml new file mode 100644 index 000000000..e3a6aeed1 --- /dev/null +++ b/SECURITY-INSIGHTS.yml @@ -0,0 +1,38 @@ +header: + schema-version: '1.0.0' + expiration-date: '2024-11-04T10:00:00.000Z' + project-url: https://github.com/argoproj/argo-helm +project-lifecycle: + status: active + bug-fixes-only: false + core-maintainers: + - https://github.com/mkilchhofer + - https://github.com/jmeridth +contribution-policy: + accepts-pull-requests: true + accepts-automated-pull-requests: true + automated-tools-list: + - automated-tool: dependabot + action: allowed + path: + - / + contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md + code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md +distribution-points: + - https://argoproj.github.io/argo-helm + - https://artifacthub.io/packages/search?org=argoproj&repo=argo +security-contacts: + - type: website + value: https://github.com/argoproj/argo-helm/security/advisories/new + primary: true +vulnerability-reporting: + accepts-vulnerability-reports: true + email-contact: cncf-argo-maintainers@lists.cncf.io + security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md + comment: | + Our preferred contact method related to vulnerabilities is the Security tab on GitHub. + Click the button "Report a vulnerability" to open the advisory form. + Please refer to the security policy for reporting information prior to using the email contact. +dependencies: + env-dependencies-policy: + policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions diff --git a/SECURITY.md b/SECURITY.md index 7c30259c2..f4fb60022 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,7 @@ ## Supported Versions and Upstream Reporting -Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue. +Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy document to find out how to report the security issue. * [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md) * [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 1317393e9..5aa03524f 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.8.1-cap-CR-create-apps-with-err +appVersion: v2.9-2023.12.06-e6258156d kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.50.1-2-cap-CR-create-apps-with-err +version: 5.51.6-1-cap-2.9-2023.12.06-e6258156d home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -26,9 +26,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: added - description: Add priority queue to reporter - - kind: fixed - description: Fix bug with skip-current-step - - kind: fixed - description: Support creation of apps with empty dir in reporter + - kind: changed + description: Upgrade Argo CD to v2.9-2023.12.06-e6258156d diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e1d141ce3..f55f7099c 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. +### 5.26.0 + +This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`. +Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics. + +To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`. +You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also. + ### 5.24.0 -This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). Default `global.affinity` rules can be disabled when `none` value is used for the preset. ### 5.22.0 -This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. +This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. ### 5.19.0 @@ -523,6 +531,7 @@ NAME: my-release | configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret | | configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap | | configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring | +| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] | | configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability | | configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` | | configs.params."controller.operation.processors" | int | `10` | Number of application operation processors | @@ -1327,3 +1336,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions +[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace diff --git a/charts/argo-cd/README.md.gotmpl b/charts/argo-cd/README.md.gotmpl index 5dc048b44..7df790782 100644 --- a/charts/argo-cd/README.md.gotmpl +++ b/charts/argo-cd/README.md.gotmpl @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. +### 5.26.0 + +This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`. +Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics. + +To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`. +You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also. + ### 5.24.0 -This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). +This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). Default `global.affinity` rules can be disabled when `none` value is used for the preset. ### 5.22.0 -This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. +This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely. ### 5.19.0 @@ -562,3 +570,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [tini]: https://github.com/argoproj/argo-cd/pull/12707 [EKS EoL]: https://endoflife.date/amazon-eks [Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions +[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace diff --git a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml index 100daf5f1..464b77b1e 100644 --- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -90,6 +90,18 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.annotations + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS + valueFrom: + configMapKeyRef: + key: applicationsetcontroller.global.preserved.labels + name: argocd-cmd-params-cm + optional: true - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml index 515984d7a..90941428e 100755 --- a/charts/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -231,6 +231,18 @@ spec: key: reposerver.streamed.manifest.max.extracted.size name: argocd-cmd-params-cm optional: true + - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + key: reposerver.helm.manifest.max.extracted.size + name: argocd-cmd-params-cm + optional: true + - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE + valueFrom: + configMapKeyRef: + name: argocd-cmd-params-cm + key: reposerver.disable.helm.manifest.max.extracted.size + optional: true - name: ARGOCD_GIT_MODULES_ENABLED valueFrom: configMapKeyRef: diff --git a/charts/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo-cd/templates/argocd-server/clusterrole.yaml index 838016fa0..bd10316b4 100644 --- a/charts/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo-cd/templates/argocd-server/clusterrole.yaml @@ -21,6 +21,9 @@ rules: - events verbs: - list + {{- if (index .Values.configs.params "application.namespaces") }} + - create + {{- end }} - apiGroups: - "" resources: @@ -40,6 +43,7 @@ rules: - argoproj.io resources: - applications + - applicationsets verbs: - get - list diff --git a/charts/argo-cd/templates/crds/crd-application.yaml b/charts/argo-cd/templates/crds/crd-application.yaml index b4d13a15e..034015741 100644 --- a/charts/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo-cd/templates/crds/crd-application.yaml @@ -359,6 +359,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -657,6 +688,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -797,7 +859,8 @@ spec: properties: name: description: Name is an alternate way of specifying the target - cluster by its symbolic name + cluster by its symbolic name. This must be set if Server is + not set. type: string namespace: description: Namespace specifies the target namespace for the @@ -805,8 +868,9 @@ spec: namespace-scoped resources that have not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster and - must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name is not + set. type: string type: object ignoreDifferences: @@ -1067,6 +1131,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -1355,6 +1450,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -1796,6 +1922,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2097,6 +2254,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2542,6 +2730,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -2860,6 +3079,38 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize + patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3292,6 +3543,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3603,6 +3885,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -3804,7 +4117,8 @@ spec: properties: name: description: Name is an alternate way of specifying the - target cluster by its symbolic name + target cluster by its symbolic name. This must be set + if Server is not set. type: string namespace: description: Namespace specifies the target namespace @@ -3813,8 +4127,9 @@ spec: not set a value for .metadata.namespace type: string server: - description: Server specifies the URL of the target cluster - and must be set to the Kubernetes control plane API + description: Server specifies the URL of the target cluster's + Kubernetes control plane API. This must be set if Name + is not set. type: string type: object ignoreDifferences: @@ -4056,6 +4371,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications @@ -4367,6 +4713,37 @@ spec: description: Namespace sets the namespace that Kustomize adds to all resources type: string + patches: + description: Patches is a list of Kustomize patches + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: description: Replicas is a list of Kustomize Replicas override specifications diff --git a/charts/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo-cd/templates/crds/crd-applicationset.yaml index 0a758688a..47c4a1fd9 100644 --- a/charts/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo-cd/templates/crds/crd-applicationset.yaml @@ -275,6 +275,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -461,6 +491,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -806,6 +866,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -992,6 +1082,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1341,6 +1461,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1527,6 +1677,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -1856,6 +2036,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2042,6 +2252,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2395,6 +2635,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2581,6 +2851,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -2926,6 +3226,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3112,6 +3442,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3455,12 +3815,42 @@ spec: items: type: string type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3647,6 +4037,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -3976,6 +4396,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4162,6 +4612,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4501,6 +4981,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -4687,6 +5197,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5206,6 +5746,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5392,6 +5962,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -5684,6 +6284,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -5698,6 +6300,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -5902,6 +6506,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6088,6 +6722,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6431,6 +7095,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6617,6 +7311,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -6964,12 +7688,42 @@ spec: items: type: string type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string + namePrefix: + type: string + nameSuffix: + type: string + namespace: + type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7156,6 +7910,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7501,6 +8285,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -7687,6 +8501,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8036,6 +8880,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8222,6 +9096,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8551,6 +9455,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -8737,6 +9671,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9076,6 +10040,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9262,6 +10256,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9781,6 +10805,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -9967,6 +11021,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10259,6 +11343,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -10273,6 +11359,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -10477,6 +11565,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -10663,6 +11781,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11010,6 +12158,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11196,6 +12374,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11532,6 +12740,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -11718,6 +12956,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12237,6 +13505,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12423,6 +13721,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -12715,6 +14043,8 @@ spec: type: string group: type: string + includeSharedProjects: + type: boolean includeSubgroups: type: boolean insecure: @@ -12729,6 +14059,8 @@ spec: - key - secretName type: object + topic: + type: string required: - group type: object @@ -12933,6 +14265,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -13119,6 +14481,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -13270,12 +14662,31 @@ spec: items: type: string type: array + ignoreApplicationDifferences: + items: + properties: + jqPathExpressions: + items: + type: string + type: array + jsonPointers: + items: + type: string + type: array + name: + type: string + type: object + type: array preservedFields: properties: annotations: items: type: string type: array + labels: + items: + type: string + type: array type: object strategy: properties: @@ -13518,6 +14929,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: @@ -13704,6 +15145,36 @@ spec: type: string namespace: type: string + patches: + items: + properties: + options: + additionalProperties: + type: boolean + type: object + patch: + type: string + path: + type: string + target: + properties: + annotationSelector: + type: string + group: + type: string + kind: + type: string + labelSelector: + type: string + name: + type: string + namespace: + type: string + version: + type: string + type: object + type: object + type: array replicas: items: properties: diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 52ce703d9..2e1bcf12d 100644 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -266,6 +266,12 @@ configs: # -- Enables use of the Progressive Syncs capability applicationsetcontroller.enable.progressive.syncs: false + # -- Enables [Applications in any namespace] + ## List of additional namespaces where applications may be created in and reconciled from. + ## The namespace where Argo CD is installed to will always be allowed. + ## Set comma-separated list. (e.g. app-team-one, app-team-two) + application.namespaces: "" + # Argo CD RBAC policy configuration ## Ref: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/rbac.md rbac: @@ -407,7 +413,7 @@ configs: ## - https://argo-cd.readthedocs.io/en/stable/user-guide/projects/#project-scoped-repositories-and-clusters clusterCredentials: [] # - name: mycluster - # server: https://mycluster.com + # server: https://mycluster.example.com # labels: {} # annotations: {} # config: @@ -416,7 +422,7 @@ configs: # insecure: false # caData: "" # - name: mycluster2 - # server: https://mycluster2.com + # server: https://mycluster2.example.com # labels: {} # annotations: {} # namespaces: namespace1,namespace2 @@ -427,7 +433,7 @@ configs: # insecure: false # caData: "" # - name: mycluster3-project-scoped - # server: https://mycluster3.com + # server: https://mycluster3.example.com # labels: {} # annotations: {} # project: my-project1 diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml index 6d343fdce..933cc9d34 100644 --- a/charts/argo-rollouts/Chart.yaml +++ b/charts/argo-rollouts/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: v1.6.0 +appVersion: v1.6.2 description: A Helm chart for Argo Rollouts name: argo-rollouts -version: 2.32.2 +version: 2.32.5 home: https://github.com/argoproj/argo-helm icon: https://argoproj.github.io/argo-rollouts/assets/logo.png keywords: @@ -18,5 +18,5 @@ annotations: fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - - kind: fixed - description: Update AnalysisRun CRD to match upstream + - kind: changed + description: Upgrade Argo Rollouts CRDs to match them mainstream from v1.6.2 diff --git a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml index 934790970..d97a6ce98 100644 --- a/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/analysis-template-crd.yaml @@ -185,13 +185,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2805,6 +2814,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2853,6 +2875,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: diff --git a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml index 669773748..335f06a24 100644 --- a/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml +++ b/charts/argo-rollouts/templates/crds/cluster-analysis-template-crd.yaml @@ -185,13 +185,22 @@ spec: datadog: properties: apiVersion: + default: v1 + enum: + - v1 + - v2 + type: string + formula: type: string interval: + default: 5m type: string + queries: + additionalProperties: + type: string + type: object query: type: string - required: - - query type: object graphite: properties: @@ -2805,6 +2814,19 @@ spec: type: string authentication: properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object sigv4: properties: profile: @@ -2853,6 +2875,31 @@ spec: type: object web: properties: + authentication: + properties: + oauth2: + properties: + clientId: + type: string + clientSecret: + type: string + scopes: + items: + type: string + type: array + tokenUrl: + type: string + type: object + sigv4: + properties: + profile: + type: string + region: + type: string + roleArn: + type: string + type: object + type: object body: type: string headers: diff --git a/charts/argo-workflows/Chart.yaml b/charts/argo-workflows/Chart.yaml index 44d16babd..d71407c90 100644 --- a/charts/argo-workflows/Chart.yaml +++ b/charts/argo-workflows/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v3.5.0 +appVersion: v3.5.2 name: argo-workflows description: A Helm chart for Argo Workflows type: application -version: 0.37.0 +version: 0.39.5 icon: https://argoproj.github.io/argo-workflows/assets/logo.png home: https://github.com/argoproj/argo-helm sources: @@ -17,4 +17,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Updated supported scaling parameters based on https://argoproj.github.io/argo-workflows/scaling/ + description: Upgrade Argo Workflows to v3.5.2 diff --git a/charts/argo-workflows/README.md b/charts/argo-workflows/README.md index 038111696..64bd81918 100644 --- a/charts/argo-workflows/README.md +++ b/charts/argo-workflows/README.md @@ -142,6 +142,8 @@ Fields to note: | controller.affinity | object | `{}` | Assign custom [affinity] rules | | controller.clusterWorkflowTemplates.enabled | bool | `true` | Create a ClusterRole and CRB for the controller to access ClusterWorkflowTemplates. | | controller.columns | list | `[]` | Configure Argo Server to show custom [columns] | +| controller.configMap.create | bool | `true` | Create a ConfigMap for the controller | +| controller.configMap.name | string | `""` | ConfigMap name | | controller.cronWorkflowWorkers | string | `nil` | Number of cron workflow workers Only valid for 3.5+ | | controller.deploymentAnnotations | object | `{}` | deploymentAnnotations is an optional map of annotations to be applied to the controller Deployment | | controller.extraArgs | list | `[]` | Extra arguments to be added to the controller | @@ -197,6 +199,7 @@ Fields to note: | controller.resourceRateLimit | object | `{}` | Globally limits the rate at which pods are created. This is intended to mitigate flooding of the Kubernetes API server by workflows with a large amount of parallel nodes. | | controller.resources | object | `{}` | Resource limits and requests for the controller | | controller.retentionPolicy | object | `{}` | Workflow retention by number of workflows | +| controller.revisionHistoryLimit | int | `10` | The number of revisions to keep. | | controller.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | the controller container's securityContext | | controller.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | | controller.serviceAccount.create | bool | `true` | Create a service account for the controller | @@ -260,7 +263,8 @@ Fields to note: | server.GKEmanagedCertificate.domains | list | `["argoworkflows.example.com"]` | Domains for the Google Managed Certificate | | server.GKEmanagedCertificate.enabled | bool | `false` | Enable ManagedCertificate custom resource for Google Kubernetes Engine. | | server.affinity | object | `{}` | Assign custom [affinity] rules | -| server.authMode | string | `""` | Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. | +| server.authMode | string | `""` | Deprecated; use server.authModes instead. | +| server.authModes | list | `[]` | A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. | | server.autoscaling.behavior | object | `{}` | Configures the scaling behavior of the target in both Up and Down directions. This is only available on HPA apiVersion `autoscaling/v2beta2` and newer | | server.autoscaling.enabled | bool | `false` | Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server | | server.autoscaling.maxReplicas | int | `5` | Maximum number of replicas for the Argo Server [HPA] | @@ -303,6 +307,7 @@ Fields to note: | server.rbac.create | bool | `true` | Adds Role and RoleBinding for the server. | | server.replicas | int | `1` | The number of server pods to run | | server.resources | object | `{}` | Resource limits and requests for the server | +| server.revisionHistoryLimit | int | `10` | The number of revisions to keep. | | server.secure | bool | `false` | Run the argo server in "secure" mode. Configure this value instead of `--secure` in extraArgs. | | server.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsNonRoot":true}` | Servers container-level security context | | server.serviceAccount.annotations | object | `{}` | Annotations applied to created service account | @@ -330,6 +335,7 @@ Fields to note: | server.sso.scopes | list | `[]` | Scopes requested from the SSO ID provider | | server.sso.sessionExpiry | string | `""` | Define how long your login is valid for (in hours) | | server.sso.userInfoPath | string | `""` | Specify the user info endpoint that contains the groups claim | +| server.tmpVolume | object | `{"emptyDir":{}}` | Volume to be mounted in Pods for temporary files. | | server.tolerations | list | `[]` | [Tolerations] for use with node taints | | server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the argo server | | server.volumeMounts | list | `[]` | Additional volume mounts to the server main container. | diff --git a/charts/argo-workflows/ci/enable-ingress-values.yaml b/charts/argo-workflows/ci/enable-ingress-values.yaml index 05dae8861..bfcc37c3f 100644 --- a/charts/argo-workflows/ci/enable-ingress-values.yaml +++ b/charts/argo-workflows/ci/enable-ingress-values.yaml @@ -5,4 +5,4 @@ server: ingress: enabled: true hosts: - - argo-workflows.127.0.0.1.xip.io + - argo-workflows.example.com diff --git a/charts/argo-workflows/templates/NOTES.txt b/charts/argo-workflows/templates/NOTES.txt index b4933a7dd..43c1c8f84 100644 --- a/charts/argo-workflows/templates/NOTES.txt +++ b/charts/argo-workflows/templates/NOTES.txt @@ -1,3 +1,7 @@ +{{- if .Values.server.authMode }} +DEPRECATED option server.authMode - Use server.authModes +{{- end }} + 1. Get Argo Server external IP/domain by running: kubectl --namespace {{ .Release.Namespace }} get services -o wide | grep {{ template "argo-workflows.server.fullname" . }} diff --git a/charts/argo-workflows/templates/_helpers.tpl b/charts/argo-workflows/templates/_helpers.tpl index 0713264fb..0d170ec98 100644 --- a/charts/argo-workflows/templates/_helpers.tpl +++ b/charts/argo-workflows/templates/_helpers.tpl @@ -97,6 +97,13 @@ app.kubernetes.io/component: {{ .component }} {{- end }} {{- end }} +{{/* +Create the name of the controller configMap +*/}} +{{- define "argo-workflows.controller.config-map.name" -}} +{{- .Values.controller.configMap.name | default (printf "%s-%s" (include "argo-workflows.controller.fullname" .) "configmap") | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the server service account to use */}} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml index d4728a30f..bff3e1218 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-config-map.yaml @@ -1,7 +1,8 @@ +{{- if .Values.controller.configMap.create }} apiVersion: v1 kind: ConfigMap metadata: - name: {{ template "argo-workflows.controller.fullname" . }}-configmap + name: {{ template "argo-workflows.controller.config-map.name" . }} namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" "cm") | nindent 4 }} @@ -191,3 +192,4 @@ data: {{- with .Values.controller.podGCDeleteDelayDuration }} podGCDeleteDelayDuration: {{ . }} {{- end }} +{{- end }} diff --git a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml index 132d7f8ce..2cc8a9036 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-deployment.yaml @@ -12,6 +12,7 @@ metadata: {{- end }} spec: replicas: {{ .Values.controller.replicas }} + revisionHistoryLimit: {{ .Values.controller.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.controller.name) | nindent 6 }} @@ -44,7 +45,7 @@ spec: command: [ "workflow-controller" ] args: - "--configmap" - - "{{ template "argo-workflows.controller.fullname" . }}-configmap" + - "{{ template "argo-workflows.controller.config-map.name" . }}" - "--executor-image" - "{{- include "argo-workflows.image" (dict "context" . "image" .Values.executor.image) }}:{{ default (include "argo-workflows.defaultTag" .) .Values.executor.image.tag }}" - "--loglevel" diff --git a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml index 5ade3d401..1959eb2e0 100644 --- a/charts/argo-workflows/templates/controller/workflow-controller-service.yaml +++ b/charts/argo-workflows/templates/controller/workflow-controller-service.yaml @@ -6,7 +6,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "argo-workflows.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} - app.kubernetes.io/version: {{ default (include "argo-workflows.defaultTag" .) .Values.controller.image.tag | trunc 63 | quote }} + app.kubernetes.io/version: {{ include "argo-workflows.controller_chart_version_label" . }} {{- with .Values.controller.serviceLabels }} {{ toYaml . | nindent 4 }} {{- end }} diff --git a/charts/argo-workflows/templates/server/server-deployment.yaml b/charts/argo-workflows/templates/server/server-deployment.yaml index cea885da7..f44fa57d1 100644 --- a/charts/argo-workflows/templates/server/server-deployment.yaml +++ b/charts/argo-workflows/templates/server/server-deployment.yaml @@ -15,6 +15,7 @@ spec: {{- if not .Values.server.autoscaling.enabled }} replicas: {{ .Values.server.replicas }} {{- end }} + revisionHistoryLimit: {{ .Values.server.revisionHistoryLimit }} selector: matchLabels: {{- include "argo-workflows.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 6 }} @@ -48,13 +49,16 @@ spec: {{- toYaml .Values.server.securityContext | nindent 12 }} args: - server - - --configmap={{ template "argo-workflows.controller.fullname" . }}-configmap + - --configmap={{ template "argo-workflows.controller.config-map.name" . }} {{- with .Values.server.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} {{- if .Values.server.authMode }} - "--auth-mode={{ .Values.server.authMode }}" {{- end }} + {{- range .Values.server.authModes }} + - "--auth-mode={{ . }}" + {{- end }} - "--secure={{ .Values.server.secure }}" {{- if .Values.singleNamespace }} - "--namespaced" @@ -109,7 +113,7 @@ spec: {{- end }} volumes: - name: tmp - emptyDir: {} + {{- toYaml .Values.server.tmpVolume | nindent 8 }} {{- with .Values.server.volumes }} {{- toYaml . | nindent 6}} {{- end }} diff --git a/charts/argo-workflows/values.yaml b/charts/argo-workflows/values.yaml index cae5f749e..a1a101d53 100644 --- a/charts/argo-workflows/values.yaml +++ b/charts/argo-workflows/values.yaml @@ -91,6 +91,12 @@ controller: # -- Allows controller to create and update ConfigMaps. Enables memoization feature writeConfigMaps: false + configMap: + # -- Create a ConfigMap for the controller + create: true + # -- ConfigMap name + name: "" + # -- Limits the maximum number of incomplete workflows in a namespace namespaceParallelism: # -- Resolves ongoing, uncommon AWS EKS bug: https://github.com/argoproj/argo-workflows/pull/4224 @@ -124,7 +130,7 @@ controller: # -- Service metrics port name servicePortName: metrics # -- ServiceMonitor relabel configs to apply to samples before scraping - ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#relabelconfig + ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig relabelings: [] # -- ServiceMonitor metric relabel configs to apply to samples before ingestion ## Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint @@ -295,6 +301,8 @@ controller: volumes: [] # -- The number of controller pods to run replicas: 1 + # -- The number of revisions to keep. + revisionHistoryLimit: 10 pdb: # -- Configure [Pod Disruption Budget] for the controller pods @@ -472,6 +480,8 @@ server: resources: {} # -- The number of server pods to run replicas: 1 + # -- The number of revisions to keep. + revisionHistoryLimit: 10 ## Argo Server Horizontal Pod Autoscaler autoscaling: # -- Enable Horizontal Pod Autoscaler ([HPA]) for the Argo Server @@ -536,10 +546,13 @@ server: # - name: FOO # value: "bar" - # -- Auth Mode is available from `server` , `client` or `sso`. If you chose `sso` , please configure `.Values.server.sso` as well. - ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + # -- Deprecated; use server.authModes instead. authMode: "" + # -- A list of supported authentication modes. Available values are `server`, `client`, or `sso`. If you provide sso, please configure `.Values.server.sso` as well. + ## Ref: https://argoproj.github.io/argo-workflows/argo-server-auth-mode/ + authModes: [] + # -- Extra arguments to provide to the Argo server binary. ## Ref: https://argoproj.github.io/argo-workflows/argo-server/#options extraArgs: [] @@ -552,6 +565,9 @@ server: # -- Set the logging format (one of: `text`, `json`) format: "text" + # -- Volume to be mounted in Pods for temporary files. + tmpVolume: + emptyDir: {} # -- Additional volume mounts to the server main container. volumeMounts: [] # -- Additional volumes to the server pod. From 370482c2a49edcc397daf7b4053b7235562fa24a Mon Sep 17 00:00:00 2001 From: pashakostohrys Date: Tue, 26 Dec 2023 13:09:27 +0200 Subject: [PATCH 355/356] feat: update argocd to 2.9-2023.12.22-f5398c630 --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 5aa03524f..16f552f41 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9-2023.12.06-e6258156d +appVersion: v2.9-2023.12.22-f5398c630 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.6-1-cap-2.9-2023.12.06-e6258156d +version: 5.51.6-2-cap-2.9-2023.12.22-f5398c630 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.9-2023.12.06-e6258156d + description: Upgrade Argo CD to v2.9-2023.12.22-f5398c630 From 6376f1d4cfdbf526b7383bc7b8a1befcf2a90563 Mon Sep 17 00:00:00 2001 From: pashakostohrys Date: Thu, 28 Dec 2023 12:06:24 +0200 Subject: [PATCH 356/356] feat: update argocd to 2.9-2023.12.28-a52e719a5 --- charts/argo-cd/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index 16f552f41..69aa7126d 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: v2.9-2023.12.22-f5398c630 +appVersion: v2.9-2023.12.28-a52e719a5 kubeVersion: ">=1.23.0-0" description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 5.51.6-2-cap-2.9-2023.12.22-f5398c630 +version: 5.51.6-3-cap-2.9-2023.12.28-a52e719a5 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png sources: @@ -27,4 +27,4 @@ annotations: url: https://argoproj.github.io/argo-helm/pgp_keys.asc artifacthub.io/changes: | - kind: changed - description: Upgrade Argo CD to v2.9-2023.12.22-f5398c630 + description: Upgrade Argo CD to v2.9-2023.12.28-a52e719a5