feat(argo-cd): Update to use v2.3.1 release (#1162)

* feat(argo-cd): Update to use v2.3.1 release Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Move applicationSet.* and notifications.* to a dedicated location Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix typo in deployment.yaml Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Fix notifications bot deployment Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Update README.md Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Update README.md and fix slack bot image Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Drop nameOverride for new components as we use the global one Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop "applicationSet.args.namespace" and "applicationSet.args.argocdRepoServer" Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Consistent use of volumes (gpg, tls, knownHosts, extra) Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Bump major chart version and place a note in teh Upgrading section Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Change "enableStatefulSet: true" as we are in a major release now Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop PSP of applicationSet Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix applicationset webhook-ingress Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop unused variables in values.yaml and README Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Also set namespace and argocd-repo-server args on notification-controller Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Consistent use of "Argo CD" instead of "ArgoCD" Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Trigger CI Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
2022-03-16 22:01:30 +01:00 · 2022-03-16 22:01:30 +01:00 · 32a06059c3
commit 32a06059c3
parent c8f0471bd0
28 changed files with 8325 additions and 64 deletions
--- a/charts/argo-cd/templates/_helpers.tpl
+++ b/charts/argo-cd/templates/_helpers.tpl
@ -67,6 +67,20 @@ Create argocd repo-server name and version as used by the chart label.
 {{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.repoServer.name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}

+{{/*
+Create argocd application set name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.applicationSet.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.applicationSet.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create argocd notifications name and version as used by the chart label.
+*/}}
+{{- define "argo-cd.notifications.fullname" -}}
+{{- printf "%s-%s" (include "argo-cd.fullname" .) .Values.notifications.name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
 {{/*
 Create the name of the controller service account to use
 */}}
@ -101,7 +115,7 @@ Create the name of the redis service account to use
 {{- end -}}

 {{/*
-Create the name of the ArgoCD server service account to use
+Create the name of the Argo CD server service account to use
 */}}
 {{- define "argo-cd.serverServiceAccountName" -}}
 {{- if .Values.server.serviceAccount.create -}}
@ -122,6 +136,39 @@ Create the name of the repo-server service account to use
 {{- end -}}
 {{- end -}}

+{{/*
+Create the name of the application set service account to use
+*/}}
+{{- define "argo-cd.applicationSetServiceAccountName" -}}
+{{- if .Values.applicationSet.serviceAccount.create -}}
+    {{ default (include "argo-cd.applicationSet.fullname" .) .Values.applicationSet.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.applicationSet.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the notifications service account to use
+*/}}
+{{- define "argo-cd.notificationsServiceAccountName" -}}
+{{- if .Values.notifications.serviceAccount.create -}}
+    {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.notifications.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the notifications bots slack service account to use
+*/}}
+{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}}
+{{- if .Values.notifications.bots.slack.serviceAccount.create -}}
+    {{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.notifications.bots.slack.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Create chart name and version as used by the chart label.
 */}}
@ -177,7 +224,7 @@ Return the target Kubernetes version
  {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride }}
 {{- end -}}

-{{/* 
+{{/*
 Argo Configuration Preset Values (Incluenced by Values configuration)
 */}}
 {{- define "argo-cd.config.presets" -}}
@ -186,7 +233,7 @@ ui.cssurl: "./custom/custom.styles.css"
  {{- end }}
 {{- end -}}

-{{/* 
+{{/*
 Merge Argo Configuration with Preset Configuration
 */}}
 {{- define "argo-cd.config" -}}
@ -196,8 +243,30 @@ Merge Argo Configuration with Preset Configuration
 {{- end -}}

 {{/*
-Return the default ArgoCD app version
+Return the default Argo CD app version
 */}}
 {{- define "argo-cd.defaultTag" -}}
  {{- default .Chart.AppVersion .Values.global.image.tag }}
 {{- end -}}
+
+{{/*
+Create the name of the notifications controller secret to use
+*/}}
+{{- define "argo-cd.notifications.secretName" -}}
+{{- if .Values.notifications.secret.create -}}
+    {{ default (printf "%s-secret" (include "argo-cd.notifications.fullname" .)) .Values.notifications.secret.name }}
+{{- else -}}
+    {{ default "argocd-notifications-secret" .Values.notifications.secret.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create the name of the configmap to use
+*/}}
+{{- define "argo-cd.notifications.configMapName" -}}
+{{- if .Values.notifications.cm.create -}}
+    {{ default (printf "%s-cm" (include "argo-cd.notifications.fullname" .)) .Values.notifications.cm.name }}
+{{- else -}}
+    {{ default "argocd-notifications-cm" .Values.notifications.cm.name }}
+{{- end -}}
+{{- end -}}
--- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
@ -0,0 +1,126 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }}
+spec:
+  replicas: {{ .Values.applicationSet.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.applicationSet.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }}
+        app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }}
+        {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.applicationSet.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.applicationSet.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Values.applicationSet.name }}
+          securityContext:
+            {{- toYaml .Values.applicationSet.securityContext | nindent 12 }}
+          command:
+            - applicationset-controller
+            - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }}
+            - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }}
+            {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }}
+            - --enable-leader-election=true
+            {{- end }}
+            - --namespace={{ .Release.Namespace }}
+            - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+            - --policy={{ .Values.applicationSet.args.policy }}
+            - --debug={{ .Values.applicationSet.args.debug }}
+            - --dry-run={{ .Values.applicationSet.args.dryRun }}
+            {{- with .Values.applicationSet.extraArgs }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+          image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}
+          imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }}
+              protocol: TCP
+            - name: metrics
+              containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }}
+              protocol: TCP
+            - name: webhook
+              containerPort: 7000
+              protocol: TCP
+          {{- with .Values.applicationSet.extraEnv }}
+          env:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.applicationSet.extraEnvFrom }}
+          envFrom:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          resources:
+            {{- toYaml .Values.applicationSet.resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp-dir
+            {{- if .Values.configs.knownHosts }}
+            - mountPath: /app/config/ssh
+              name: ssh-known-hosts
+            {{- end }}
+            - mountPath: /app/config/tls
+              name: tls-certs
+            - mountPath: /app/config/gpg/source
+              name: gpg-keys
+            - mountPath: /app/config/gpg/keys
+              name: gpg-keyring
+            {{- with .Values.applicationSet.extraVolumeMounts }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+        {{- with .Values.applicationSet.extraContainers }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      volumes:
+      - emptyDir: {}
+        name: tmp-dir
+      {{- if .Values.configs.knownHosts }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      - configMap:
+          name: argocd-gpg-keys-cm
+        name: gpg-keys
+      - emptyDir: {}
+        name: gpg-keyring
+      {{- with .Values.applicationSet.extraVolumes }}
+        {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- with .Values.applicationSet.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml
@ -0,0 +1,25 @@
+{{- if .Values.applicationSet.metrics.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  {{- if .Values.applicationSet.metrics.service.annotations }}
+  annotations:
+    {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }}
+{{- if .Values.applicationSet.metrics.service.labels }}
+{{- toYaml .Values.applicationSet.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.applicationSet.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.applicationSet.metrics.service.servicePort }}
+    targetPort: metrics
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/role.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml
@ -0,0 +1,83 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+rules:
+  - apiGroups:
+    - argoproj.io
+    resources:
+    - applications
+    - appprojects
+    - applicationsets
+    - applicationsets/finalizers
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+  - apiGroups:
+    - argoproj.io
+    resources:
+    - applicationsets/status
+    verbs:
+    - get
+    - patch
+    - update
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - configmaps
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+  - apiGroups:
+    - apps
+    - extensions
+    resources:
+    - deployments
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - coordination.k8s.io
+    resources:
+    - leases
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
--- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml
@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "argo-cd.applicationSetServiceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
--- a/charts/argo-cd/templates/argocd-applicationset/service.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml
@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.applicationSet.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.applicationSet.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+spec:
+  ports:
+  - name: {{ .Values.applicationSet.service.portName }}
+    port: {{ .Values.applicationSet.service.port }}
+    targetPort: {{ .Values.applicationSet.containerPort }}
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }}
--- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml
@ -0,0 +1,15 @@
+{{- if .Values.applicationSet.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ template "argo-cd.applicationSetServiceAccountName" . }}
+{{- if .Values.applicationSet.serviceAccount.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml
@ -0,0 +1,38 @@
+{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  {{- with .Values.applicationSet.metrics.serviceMonitor.namespace }}
+  namespace: {{ . }}
+  {{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    {{- with .Values.applicationSet.metrics.serviceMonitor.selector }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.applicationSet.metrics.serviceMonitor.additionalLabels }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      {{- with .Values.applicationSet.metrics.serviceMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      path: /metrics
+      {{- with .Values.applicationSet.metrics.serviceMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.metrics.serviceMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml
@ -0,0 +1,89 @@
+{{- if .Values.applicationSet.webhook.ingress.enabled -}}
+{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}}
+{{- $servicePort := .Values.applicationSet.service.portName -}}
+{{- $paths := .Values.applicationSet.webhook.ingress.paths -}}
+{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}}
+{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}}
+apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+{{- if .Values.applicationSet.webhook.ingress.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    {{- if .Values.applicationSet.webhook.ingress.labels }}
+    {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }}
+    {{- end }}
+spec:
+  {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+  {{- with .Values.applicationSet.webhook.ingress.ingressClassName }}
+  ingressClassName: {{ . }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.applicationSet.webhook.ingress.hosts }}
+    {{- range $host := .Values.applicationSet.webhook.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+          {{- if $extraPaths }}
+          {{- toYaml $extraPaths | nindent 10 }}
+          {{- end }}
+          {{- range $p := $paths }}
+          - path: {{ $p }}
+            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  {{- if kindIs "float64" $servicePort }}
+                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
+                  {{- end }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+          {{- end -}}
+    {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+          {{- if $extraPaths }}
+          {{- toYaml $extraPaths | nindent 10 }}
+          {{- end }}
+          {{- range $p := $paths }}
+          - path: {{ $p }}
+            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  {{- if kindIs "float64" $servicePort }}
+                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
+                  {{- end }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+          {{- end -}}
+  {{- end -}}
+  {{- if .Values.applicationSet.webhook.ingress.tls }}
+  tls:
+    {{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }}
+  {{- end -}}
+{{- end -}}
--- a/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml
@ -0,0 +1,55 @@
+{{ if .Values.notifications.bots.slack.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}-bot
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
+spec:
+  strategy:
+    {{- .Values.notifications.bots.slack.updateStrategy | toYaml | nindent 4 }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }}
+    spec:
+    {{- with .Values.notifications.bots.slack.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
+      {{- with .Values.notifications.bots.slack.securityContext }}
+      securityContext: {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ template "argo-cd.notifications.fullname" . }}-bot
+          image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }}
+          imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }}
+          resources:
+            {{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }}
+          command:
+            - argocd-notifications
+            - bot
+          workingDir: /app
+          ports:
+          - containerPort: 8080
+            name: http
+          {{- with .Values.notifications.bots.slack.containerSecurityContext }}
+          securityContext: {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.notifications.bots.slack.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.notifications.bots.slack.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.notifications.bots.slack.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+{{ end }}
--- a/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/role.yaml
@ -0,0 +1,27 @@
+{{ if .Values.notifications.bots.slack.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}-bot
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - argoproj.io
+  resources:
+  - applications
+  - appprojects
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+{{ end }}
--- a/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/rolebinding.yaml
@ -0,0 +1,13 @@
+{{ if .Values.notifications.bots.slack.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}-bot
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.notifications.fullname" . }}-bot
+subjects:
+- kind: ServiceAccount
+  name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
+{{ end }}
--- a/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/service.yaml
@ -0,0 +1,19 @@
+{{ if .Values.notifications.bots.slack.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}-bot
+  {{- if .Values.notifications.bots.slack.service.annotations }}
+  annotations:
+    {{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }}
+  {{- end }}
+spec:
+  ports:
+  - name: http
+    port: {{ .Values.notifications.bots.slack.service.port }}
+    protocol: TCP
+    targetPort: http
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
+  type: {{ .Values.notifications.bots.slack.service.type }}
+{{ end }}
--- a/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/bots/slack/serviceaccount.yaml
@ -0,0 +1,15 @@
+{{- if .Values.notifications.bots.slack.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
+{{- if .Values.notifications.bots.slack.serviceAccount.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/configmap.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/configmap.yaml
@ -0,0 +1,27 @@
+{{ if .Values.notifications.cm.create }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "argo-cd.notifications.configMapName" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+data:
+  context: |
+    argocdUrl: {{ .Values.notifications.argocdUrl | quote }}
+  {{- with .Values.notifications.context }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.notifications.notifiers }}
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+  {{- with .Values.notifications.subscriptions }}
+  subscriptions: |
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- with .Values.notifications.templates }}
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+  {{- with .Values.notifications.triggers }}
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/deployment.yaml
@ -0,0 +1,106 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+    app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | quote }}
+spec:
+  strategy:
+    {{- .Values.notifications.updateStrategy | toYaml | nindent 4 }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }}
+  template:
+    metadata:
+      {{- if .Values.notifications.podAnnotations }}
+      annotations:
+      {{- range $key, $value := .Values.notifications.podAnnotations }}
+        {{ $key }}: {{ $value | quote }}
+      {{- end }}
+      {{- end }}
+      labels:
+        {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 8 }}
+        app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag | quote }}
+        {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.notifications.podLabels) }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+    {{- with .Values.notifications.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }}
+      {{- if .Values.notifications.securityContext }}
+      securityContext: {{- toYaml .Values.notifications.securityContext | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ .Values.notifications.name }}
+          image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }}
+          imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }}
+          resources:
+            {{- toYaml .Values.notifications.resources | nindent 12 }}
+          command:
+            - argocd-notifications
+            - --loglevel={{ .Values.notifications.logLevel }}
+            {{- if .Values.notifications.metrics.enabled }}
+            - --metrics-port={{ .Values.notifications.metrics.port }}
+            {{- end }}
+            - --namespace={{ .Release.Namespace }}
+            - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+            - --secret-name={{ include "argo-cd.notifications.secretName" . }}
+            - --config-map-name={{ include "argo-cd.notifications.configMapName" . }}
+            {{- range .Values.notifications.extraArgs }}
+            - {{ . | squote }}
+            {{- end }}
+          workingDir: /app
+          ports:
+          {{- if .Values.notifications.metrics.enabled }}
+          - containerPort: {{ .Values.notifications.metrics.port }}
+            name: metrics
+            protocol: TCP
+          {{- end }}
+          {{- if .Values.notifications.containerSecurityContext }}
+          securityContext: {{- toYaml .Values.notifications.containerSecurityContext | nindent 12 }}
+          {{- end }}
+          {{- with .Values.notifications.extraEnv }}
+          env: {{ toYaml . | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - name: tls-certs
+              mountPath: /app/config/tls
+            - name: argocd-repo-server-tls
+              mountPath: /app/config/reposerver/tls
+            {{- with .Values.notifications.extraVolumeMounts }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+      volumes:
+        - configMap:
+            name: argocd-tls-certs-cm
+          name: tls-certs
+        - name: argocd-repo-server-tls
+          secret:
+            items:
+            - key: tls.crt
+              path: tls.crt
+            - key: tls.key
+              path: tls.key
+            - key: ca.crt
+              path: ca.crt
+            optional: true
+            secretName: argocd-repo-server-tls
+        {{- with .Values.notifications.extraVolumes }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      {{- with .Values.notifications.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.notifications.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.notifications.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/role.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/role.yaml
@ -0,0 +1,42 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+rules:
+- apiGroups:
+  - argoproj.io
+  resources:
+  - applications
+  - appprojects
+  verbs:
+  - get
+  - list
+  - watch
+  - update
+  - patch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  verbs:
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resourceNames:
+  - {{ template "argo-cd.notifications.fullname" . }}-cm
+  resources:
+  - configmaps
+  verbs:
+  - get
+- apiGroups:
+  - ""
+  resourceNames:
+  - {{ template "argo-cd.notifications.fullname" . }}-secret
+  resources:
+  - secrets
+  verbs:
+  - get
--- a/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/rolebinding.yaml
@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.notifications.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "argo-cd.notificationsServiceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
--- a/charts/argo-cd/templates/argocd-notifications/secret.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/secret.yaml
@ -0,0 +1,19 @@
+{{ if .Values.notifications.secret.create }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "argo-cd.notifications.secretName" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+  {{- if .Values.notifications.secret.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.notifications.secret.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+  {{- end }}
+type: Opaque
+stringData:
+  {{- with .Values.notifications.secret.items }}
+  {{ toYaml . | nindent 2 }}
+  {{- end }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/service-metrics.yaml
@ -0,0 +1,22 @@
+{{- if .Values.notifications.metrics.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}-metrics
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+    {{- with .Values.notifications.metrics.service.labels }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with .Values.notifications.metrics.service.annotations  }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 6 }}
+  ports:
+  - name: metrics
+    port: {{ .Values.notifications.metrics.port }}
+    targetPort: {{ .Values.notifications.metrics.port }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/serviceaccount.yaml
@ -0,0 +1,15 @@
+{{- if .Values.notifications.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.notifications.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ template "argo-cd.notificationsServiceAccountName" . }}
+{{- if .Values.notifications.serviceAccount.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.notifications.serviceAccount.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml
+++ b/charts/argo-cd/templates/argocd-notifications/servicemonitor.yaml
@ -0,0 +1,30 @@
+{{- if and .Values.notifications.metrics.enabled .Values.notifications.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.notifications.fullname" . }}-metrics
+  {{- if .Values.notifications.metrics.serviceMonitor.namespace }}
+  namespace: {{ .Values.notifications.metrics.serviceMonitor.namespace }}
+  {{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}
+    {{- if .Values.notifications.metrics.serviceMonitor.additionalLabels }}
+      {{- toYaml .Values.notifications.metrics.serviceMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      path: /metrics
+      {{- if .Values.notifications.metrics.serviceMonitor.interval }}
+      interval: {{ .Values.notifications.metrics.serviceMonitor.interval }}
+      {{- end }}
+      {{- if .Values.notifications.metrics.serviceMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.notifications.metrics.serviceMonitor.scrapeTimeout }}
+      {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.name "name" "metrics") | nindent 6 }}
+{{- end }}