feat(argo-cd): Update to use v2.3.1 release (#1162)

* feat(argo-cd): Update to use v2.3.1 release Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Move applicationSet.* and notifications.* to a dedicated location Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix typo in deployment.yaml Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Fix notifications bot deployment Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Update README.md Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Update README.md and fix slack bot image Signed-off-by: mikeeq <miotk.mikolaj@gmail.com> * Drop nameOverride for new components as we use the global one Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop "applicationSet.args.namespace" and "applicationSet.args.argocdRepoServer" Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Consistent use of volumes (gpg, tls, knownHosts, extra) Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Bump major chart version and place a note in teh Upgrading section Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Change "enableStatefulSet: true" as we are in a major release now Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop PSP of applicationSet Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Fix applicationset webhook-ingress Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Drop unused variables in values.yaml and README Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Also set namespace and argocd-repo-server args on notification-controller Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Consistent use of "Argo CD" instead of "ArgoCD" Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> * Trigger CI Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
2022-03-16 22:01:30 +01:00 · 2022-03-16 22:01:30 +01:00 · 32a06059c3
commit 32a06059c3
parent c8f0471bd0
28 changed files with 8325 additions and 64 deletions
--- a/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/deployment.yaml
@ -0,0 +1,126 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }}
+spec:
+  replicas: {{ .Values.applicationSet.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.applicationSet.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 8 }}
+        app.kubernetes.io/version: {{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag | quote }}
+        {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.applicationSet.podLabels) }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.applicationSet.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.applicationSet.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Values.applicationSet.name }}
+          securityContext:
+            {{- toYaml .Values.applicationSet.securityContext | nindent 12 }}
+          command:
+            - applicationset-controller
+            - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }}
+            - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }}
+            {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }}
+            - --enable-leader-election=true
+            {{- end }}
+            - --namespace={{ .Release.Namespace }}
+            - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+            - --policy={{ .Values.applicationSet.args.policy }}
+            - --debug={{ .Values.applicationSet.args.debug }}
+            - --dry-run={{ .Values.applicationSet.args.dryRun }}
+            {{- with .Values.applicationSet.extraArgs }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+          image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}
+          imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ (split ":" .Values.applicationSet.args.probeBindAddr)._1 }}
+              protocol: TCP
+            - name: metrics
+              containerPort: {{ (split ":" .Values.applicationSet.args.metricsAddr)._1 }}
+              protocol: TCP
+            - name: webhook
+              containerPort: 7000
+              protocol: TCP
+          {{- with .Values.applicationSet.extraEnv }}
+          env:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          {{- with .Values.applicationSet.extraEnvFrom }}
+          envFrom:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+          resources:
+            {{- toYaml .Values.applicationSet.resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp-dir
+            {{- if .Values.configs.knownHosts }}
+            - mountPath: /app/config/ssh
+              name: ssh-known-hosts
+            {{- end }}
+            - mountPath: /app/config/tls
+              name: tls-certs
+            - mountPath: /app/config/gpg/source
+              name: gpg-keys
+            - mountPath: /app/config/gpg/keys
+              name: gpg-keyring
+            {{- with .Values.applicationSet.extraVolumeMounts }}
+              {{- toYaml . | nindent 12 }}
+            {{- end }}
+        {{- with .Values.applicationSet.extraContainers }}
+          {{- toYaml . | nindent 8 }}
+        {{- end }}
+      volumes:
+      - emptyDir: {}
+        name: tmp-dir
+      {{- if .Values.configs.knownHosts }}
+      - configMap:
+          name: argocd-ssh-known-hosts-cm
+        name: ssh-known-hosts
+      {{- end }}
+      - configMap:
+          name: argocd-tls-certs-cm
+        name: tls-certs
+      - configMap:
+          name: argocd-gpg-keys-cm
+        name: gpg-keys
+      - emptyDir: {}
+        name: gpg-keyring
+      {{- with .Values.applicationSet.extraVolumes }}
+        {{- toYaml . | nindent 6 }}
+      {{- end }}
+      {{- with .Values.applicationSet.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.priorityClassName }}
+      priorityClassName: {{ . }}
+      {{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/metrics-service.yaml
@ -0,0 +1,25 @@
+{{- if .Values.applicationSet.metrics.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  {{- if .Values.applicationSet.metrics.service.annotations }}
+  annotations:
+    {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 4 }}
+{{- if .Values.applicationSet.metrics.service.labels }}
+{{- toYaml .Values.applicationSet.metrics.service.labels | nindent 4 }}
+{{- end }}
+  name: {{ template "argo-cd.applicationSet.fullname" . }}-metrics
+spec:
+  ports:
+  - name: metrics
+    protocol: TCP
+    port: {{ .Values.applicationSet.metrics.service.servicePort }}
+    targetPort: metrics
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/role.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/role.yaml
@ -0,0 +1,83 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+rules:
+  - apiGroups:
+    - argoproj.io
+    resources:
+    - applications
+    - appprojects
+    - applicationsets
+    - applicationsets/finalizers
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+  - apiGroups:
+    - argoproj.io
+    resources:
+    - applicationsets/status
+    verbs:
+    - get
+    - patch
+    - update
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - configmaps
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+  - apiGroups:
+    - apps
+    - extensions
+    resources:
+    - deployments
+    verbs:
+    - get
+    - list
+    - watch
+  - apiGroups:
+    - coordination.k8s.io
+    resources:
+    - leases
+    verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
--- a/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/rolebinding.yaml
@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "argo-cd.applicationSetServiceAccountName" . }}
+    namespace: {{ .Release.Namespace }}
--- a/charts/argo-cd/templates/argocd-applicationset/service.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/service.yaml
@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+{{- if .Values.applicationSet.service.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.applicationSet.service.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+spec:
+  ports:
+  - name: {{ .Values.applicationSet.service.portName }}
+    port: {{ .Values.applicationSet.service.port }}
+    targetPort: {{ .Values.applicationSet.containerPort }}
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.applicationSet.name) | nindent 4 }}
--- a/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/serviceaccount.yaml
@ -0,0 +1,15 @@
+{{- if .Values.applicationSet.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.applicationSet.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ template "argo-cd.applicationSetServiceAccountName" . }}
+{{- if .Values.applicationSet.serviceAccount.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.applicationSet.serviceAccount.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/servicemonitor.yaml
@ -0,0 +1,38 @@
+{{- if and .Values.applicationSet.metrics.enabled .Values.applicationSet.metrics.serviceMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  {{- with .Values.applicationSet.metrics.serviceMonitor.namespace }}
+  namespace: {{ . }}
+  {{- end }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    {{- with .Values.applicationSet.metrics.serviceMonitor.selector }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    {{- with .Values.applicationSet.metrics.serviceMonitor.additionalLabels }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  endpoints:
+    - port: metrics
+      {{- with .Values.applicationSet.metrics.serviceMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      path: /metrics
+      {{- with .Values.applicationSet.metrics.serviceMonitor.relabelings }}
+      relabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.applicationSet.metrics.serviceMonitor.metricRelabelings }}
+      metricRelabelings:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  selector:
+    matchLabels:
+      {{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.applicationSet.name "name" "metrics") | nindent 6 }}
+{{- end }}
--- a/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml
+++ b/charts/argo-cd/templates/argocd-applicationset/webhook-ingress.yaml
@ -0,0 +1,89 @@
+{{- if .Values.applicationSet.webhook.ingress.enabled -}}
+{{- $serviceName := include "argo-cd.applicationSet.fullname" . -}}
+{{- $servicePort := .Values.applicationSet.service.portName -}}
+{{- $paths := .Values.applicationSet.webhook.ingress.paths -}}
+{{- $extraPaths := .Values.applicationSet.webhook.ingress.extraPaths -}}
+{{- $pathType := .Values.applicationSet.webhook.ingress.pathType -}}
+apiVersion: {{ include "argo-cd.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+{{- if .Values.applicationSet.webhook.ingress.annotations }}
+  annotations:
+  {{- range $key, $value := .Values.applicationSet.webhook.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+{{- end }}
+  name: {{ template "argo-cd.applicationSet.fullname" . }}
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
+    {{- if .Values.applicationSet.webhook.ingress.labels }}
+    {{- toYaml .Values.applicationSet.webhook.ingress.labels | nindent 4 }}
+    {{- end }}
+spec:
+  {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+  {{- with .Values.applicationSet.webhook.ingress.ingressClassName }}
+  ingressClassName: {{ . }}
+  {{- end }}
+  {{- end }}
+  rules:
+  {{- if .Values.applicationSet.webhook.ingress.hosts }}
+    {{- range $host := .Values.applicationSet.webhook.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+          {{- if $extraPaths }}
+          {{- toYaml $extraPaths | nindent 10 }}
+          {{- end }}
+          {{- range $p := $paths }}
+          - path: {{ $p }}
+            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  {{- if kindIs "float64" $servicePort }}
+                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
+                  {{- end }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+          {{- end -}}
+    {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+          {{- if $extraPaths }}
+          {{- toYaml $extraPaths | nindent 10 }}
+          {{- end }}
+          {{- range $p := $paths }}
+          - path: {{ $p }}
+            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+            pathType: {{ $pathType }}
+            {{- end }}
+            backend:
+              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+              service:
+                name: {{ $serviceName }}
+                port:
+                  {{- if kindIs "float64" $servicePort }}
+                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
+                  {{- end }}
+              {{- else }}
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+              {{- end }}
+          {{- end -}}
+  {{- end -}}
+  {{- if .Values.applicationSet.webhook.ingress.tls }}
+  tls:
+    {{- toYaml .Values.applicationSet.webhook.ingress.tls | nindent 4 }}
+  {{- end -}}
+{{- end -}}